MCITP Windows Admin Interview Questions

8/10/2019 MCITP Windows Admin Interview Questions

1/20

MCITP

powered by

This BlogLinked From HereSYSTEM ADMINOTHER STUFFNetwork Admin

This Blog

Linked From Here

SYSTEM ADMIN

OTHER STUFF

Network Admin

Monday, November 28, 2011

Windows Admin Interview Questions

WINDOWS ADMIN INTERVIEW QUESTIONS

1. *Describe how the DHCP lease is obtained*. It's a four-stepprocess consisting of (a) IP request, (b) IP offer, (c) IP selection and


2/20

(d) acknowledgement.2. *I can't seem to access the Internet, don't have any access to thecorporate network and on ipconfig my address is 169.254.*.*. Whathappened? *The 169.254.*.* netmask is assigned to Windows machinesrunning 98/2000/XP if the DHCP server is not available. The name for thetechnology is APIPA (Automatic Private Internet Protocol Addressing).3. *We've installed a new Windows-based DHCP server, however, theusers do not seem to be getting DHCP leases off of it. *The server mustbe authorized first with the Active Directory.4. *How can you force the client to give up the dhcp lease if youhave access to the client PC?* ipconfig /release5. *What authentication options do Windows 2000 Servers have forremote clients? *PAP, SPAP, CHAP, MS-CHAP and EAP.6. *What are the networking protocol options for the Windows clientsif for some reason you do not want to use TCP/IP? *NWLink (Novell),NetBEUI, AppleTalk (Apple).7. *What is data link layer in the OSI reference model responsiblefor? Data link layer is located above the physical layer, but below thenetwork layer.* Taking raw data bits and packaging them into frames. Thenetwork layer will be responsible for addressing the frames, while thephysical layer is responsible for retrieving and sending raw data bits.8. *What is binding order?* The order by which the network protocolsare used for client-server communications. The most frequently usedprotocols should be at the top.

9. *How do cryptography-based keys ensure the validity of datatransferred across the network?* Each IP packet is assigned a checksum,so if the checksums do not match on both receiving and transmittingends, the data was modified or corrupted.10.*Should we deploy IPSEC-based security or certificate-based security?*They are really two different technologies. IPSec secures the TCP/IPcommunication and protects the integrity of the packets.Certificate-based security ensures the validity of authenticated clientsand servers.11.*What is LMHOSTS file? *It's a file stored on a host machine that isused to resolve NetBIOS to specific IP addresses.12.*What's the difference between forward lookup and reverse lookup inDNS?* Forward lookup is name-to-address; the reverse lookup is

address-to-name.13.*How can you recover a file encrypted using EFS?* Use the domainrecovery agent.

_IIS QUESTIONS_

This came in the mail from the reader who recently went through a jobinterview process. He didn't mention the company name.1. How would you remotely administer IIS?

2. What is RAID? What is it used for?3. How would you go about securing IIS and MS-SQL Server?

_ _

_WINDOWS 2000 ADMINISTRATION QUESTIONS_

1. *Explain hidden shares.*Hidden or administrative shares


3/20

are share names with a dollar sign ($) appended to their names.Administrative shares are usually created automatically for the root ofeach drive letter. They do not display in the network browse list.2. *How do the permissions work in Windows 2000? Whatpermissions does folder inherit from the parent?*When you combine NTFSpermissions based on users and their group memberships, the leastrestrictive permissions take precedence. However, explicit Deny entriesalways override Allow entries.3. *Why can't I encrypt a compressed file on Windows2000?*You can either compress it or encrypt it, but not both.4. *If I rename an account, what must I do to make sure therenamed account has the same permissions as the original one?*Nothing,it's all maintained automatically.5. *What's the most powerful group on a Windowssystem?*Administrators.6. *What are the accessibility features in Windows2000?*StickyKeys, FilterKeys Narrator, Magnifier, and On-Screen Keyboard.7. *Why can't I get to the Fax Service Management console?*You can only see it if a fax had been installed.8. *What do I need to ensure before deploying an applicationvia a Group Policy?*Make sure it's either an MSI file, or contains a ZAPfile for Group Policy.9. *How do you configure mandatory profiles?*Renamentuser.dat to ntuser.man

10. *I can't get multiple displays to work in Windows 2000.*Multiple displays have to use peripheral connection interface (PCI) orAccelerated Graphics Port (AGP) port devices to work properly withWindows 2000.11. *What's a maximum number of processors Win2k supports?*212. *I had some NTFS volumes under my Windows NT installation.What happened to NTFS after Win 2k installation?*It got upgraded to NTFS 5.13. *How do you convert a drive from FAT/FAT32 to NTFS from thecommand line? *convert c: /fs:ntfs14. *Explain APIPA.*Auto Private IP Addressing (APIPA) takeseffect on Windows 2000 Professional computers if no DHCP server can becontacted. APIPA assigns the computer an IP address within the range of169.254.0.0 through 169.254.255.254 with a subnet mask of 255.255.0.0.

15. *How does Internet Connection Sharing work on Windows 2000?*Internet Connection Sharing (ICS) uses the DHCP Allocator service toassign dynamic IP addresses to clients on the LAN within the range of192.168.0.2 through 192.168.0.254. In addition, the DNS Proxy servicebecomes enabled when you implement ICS.

*_WHAT ARE THE DIFFERENCE IN WINDOWS NT SERVER, 2000SERVER AND 2003SERVER AND NOW WIN SERVER2008_*

NT SAM database is a flat database. Where as in windows 2000 active directory database is a hierarchical database.

In Windows NT only PDC is having writable copy of SAM database but the BDC is on

ly read only database. In case of

Windows 2000 both DC and ADC is having write copy of the database

Windows NT will not support FAT32 file system. Windows 2000 supports FAT32

Default authentication protocol in NT is NTLM (NT LAN manager). In windows 2000default authentication protocol is Kerberos V5.

Windows 2000 depends and Integrated with DNS. NT user NetBIOS names


4/20

Active Directory can be backed up easily with System state data

Application Server mode is introduced in windows 2003

Possible to configure stub zones in windows 2003 DNS

Volume shadow copy services is introduced

Windows 2003 gives an option to replicate DNS data b/w all DNS servers in forestor All DNS servers in the domain.

PDC contains a write copy of SAM database where as BDC contains read only copy of SAM database. It is not possible to reset a password or create objects with out PDC in Windows NT.

There is no difference between in DC and ADC both contains write copy of AD. Both can also handles FSMO roles (If transfers from DC to ADC). It is just for identification.

Functionality wise there is no difference windows 2008 is fully script based software with more group policies and permissions win 2000 domain name can

t change. But in 2003 server we can change.

In 2003 we can able to add more than 220 group policy but in 2000 it not possible.

*_54 SCREENING QUESTIONS FOR WINDOWS ADMIN_*1. What is Active Directory?2. What is LDAP?3. Can you connect Active Directory to other 3rd-partyDirectory Services? Name a few options.4. Where is the AD database held? What other folders arerelated to AD?5. What is the SYSVOL folder?6. Name the AD NCs and replication issues for each NC

7. What are application partitions? When do I use them8. How do you create a new application partition9. How do you view replication properties for AD partitionsand DCs?10. What is the Global Catalog?11. How do you view all the GCs in the forest?12. Why not make all DCs in a large forest as GCs?13. Trying to look at the Schema, how can I do that?14. What are the Support Tools? Why do I need them?15. What is LDP? What is REPLMON? What is ADSIEDIT? What isNETDOM? What is REPADMIN?16. What are sites? What are they used for?17. What's the difference between a site link's schedule and

interval?18. What is the KCC?19. What is the ISTG? Who has that role by default?20. What are the requirements for installing AD on a new server?21. What can you do to promote a server to DC if you're in aremote location with slow WAN link?22. How can you forcibly remove AD from a server, and what doyou do later? Can I get user passwords from the AD database?23. What tool would I use to try to grab security relatedpackets from the wire?


5/20

24. Name some OU design considerations.25. What is tombstone lifetime attribute?26. What do you do to install a new Windows 2003 DC in a Windows2000 AD?27. What do you do to install a new Windows 2003 R2 DC in aWindows 2003 AD?28. How would you find all users that have not logged on sincelast month?29. What are the DS* commands?30. What's the difference between LDIFDE and CSVDE? Usageconsiderations?31. What are the FSMO roles? Who has them by default? Whathappens when each one fails?32. What FSMO placement considerations do you know of?33. I want to look at the RID allocation table for a DC. What doI do?34. What's the difference between transferring a FSMO role andseizing one? Which one should you NOT seize? Why?35. How do you configure a stand-by operation master for anyof the roles?36. How do you backup AD?37. How do you restore AD?38. How do you change the DS Restore admin password?39. Why can't you restore a DC that was backed up 4 months ago?

40. What are GPOs?41. What is the order in which GPOs are applied?42. Name a few benefits of using GPMC.43. What are the GPC and the GPT? Where can I find them?44. What are GPO links? What special things can I do to them?45. What can I do to prevent inheritance from above?46. How can I override blocking of inheritance?47. How can you determine what GPO was and was not applied for auser? Name a few ways to do that.48. A user claims he did not receive a GPO, yet his user andcomputer accounts are in the right OU, and everyone else there gets theGPO. What will you look for?49. Name a few differences in Vista GPOs

50. Name some GPO settings in the computer and user parts.51. What are administrative templates?52. What's the difference between software publishing andassigning?53. Can I deploy non-MSI software with GPO?54. You want to standardize the desktop environments (wallpaper,My Documents, Start menu, printers etc.) on the computers in onedepartment. How would you do that?

_29 RESPONSES TO 54 SCREENING QUESTIONS FOR WINDOWS ADMIN_

Que.: What is Active Directory?Ans. Active Directory is a Meta Data. Active Directory is a data basewhich stores a data base like your user information, computerinformation and also other network object info. It has capabilities tomanage and administer the complete Network which connect with AD.Que.: What is the Global Catalog?Ans.: Global Catalog is a server which maintains the information aboutmultiple domains with trust relationship agreement.


6/20

*Que: What is Active Directory?**Ans: *Active Directory service is an extensible and scalable directoryservice that enables you to manage network resources efficiently.*Q01: What is Active Directory?**Ans:* Active Directory is directory service that stores informationabout objects on a network and makes this information available to usersand network administrators.Active Directory gives network users access to permitted resourcesanywhere on the network using a single logon process.It provides network administrators with an intuitive, hierarchical viewof the network and a single point of administration3for all network objects.Q; What is active directory?Ans: active directory is a domain controller which is use toauthenticate and administrate the group of computer, user, server etc.remotely. All the policies and security will be applicable on the clientmachine which one is join the domain. And all this policies and securityis defined in active directory.Q2: What is LDAP?Ans2: LDAP (light weight directory access protocol) is an internetprotocol which Email and other services is used to look up informationfrom the server.Q 18: What is KCC?Ans 18: KCC (knowledge consistency checker) is used to generate

replication topology for inter site replication and for intrasitereplication. With in site replication traffic are done via remoteprocedure calls over ip, while between sites it is done through eitherRPC or SMTP.Q 10: What is Global Catalog Server?The global catalog is a distributed data repository that contains asearchable, partial representation of every object in every domain in amultidomain Active Directory forest. The global catalog is stored ondomain controllers that have been designated as global catalog serversand is distributed through multimaster replication. Searches that aredirected to the global catalog are faster because they do not involvereferrals to different domain controllers.Q; What is active directory?

Active directory is a domain controller which is use to authenticate andadministrate the group of computer, user, server etc. remotely. All thepolicies and security will be applicable on the client machine which oneis join the domain. And all this policies and security is defined inactive directory.Q 4: Where is the AD database held? What other folders are related to AD?A 4: The AD data base is store in NTDS.DIT fileQ 5: What is the SYSVOL folder?A 5; The sysVOL folder stores the server's copy of the domain's publicfiles. The contents such as group policy, users etc of the sysvol folderare replicated to all domain controllers in the domain.Q 19: What is the ISTG? Who has that role by default?A 19: Windows 2000 Domain controllers each create Active Directory

Replication connection objects representing inbound replication fromintra-site replication partners. For inter-site replication, one domaincontroller per site has the responsibility of evaluating the inter-sitereplication topology and creating Active Directory ReplicationConnection objects for appropriate bridgehead servers within its site.The domain controller in each site that owns this role is referred to asthe Inter-Site Topology Generator (ISTG).Q: 15 What is LDP? What is REPLMON? What is ADSIEDIT? What is NETDOM?What is REPADMIN?A 15: LDP: Label Distribution Protocol (LDP) is often used to establish


7/20

MPLS LSPs when traffic engineering is not required. It establishes LSPsthat follow the existing IP routing, and is particularly well suited forestablishing a full mesh of LSPs between all of the routers on the network.

Replmon: Replmon displays information about Active Directory Replication.ADSIEDIT: ADSIEdit is a Microsoft Management Console (MMC) snap-in thatacts as a low-level editor for Active Directory. It is a Graphical UserInterface (GUI) tool. Network administrators can use it for commonadministrative tasks such as adding, deleting, and moving objects with adirectory service. The attributes for each object can be edited ordeleted by using this tool. ADSIEdit uses the ADSI applicationprogramming interfaces (APIs) to access Active Directory. The followingare the required files for using this tool: ADSIEDIT.DLLADSIEDIT.MSCNETDOM: NETDOM is a command-line tool that allows managementof Windows domains and trust relationships. It is used for batchmanagement of trusts, joining computers to domains, verifying trusts,and secure channels.REPADMIN:This command-line tool assists administrators in diagnosing replicationproblems between Windows domain controllers. Administrators can useRepadmin to view the replication topology (sometimes referred to asRepsFrom and RepsTo) as seen from the perspective of each domaincontroller. In addition, Repadmin can be used to manually create thereplication topology (although in normal practice this should not be

necessary), to force replication events between domain controllers, andto view both the replication metadata and up-to-datedness vectors.Q 36: How to take the backup of AD?A 36 : for taking backup of active directory you have to do this :first go to START -> PROGRAM ->ACCESORIES -> SYSTEM TOOLS -> BACKUPwhen the backup screen is flash then take the backup of SYSTEM STATE itwill take the backup of all the necessary information about the systemincluding AD backup , DNS ETC.Q 37: how to restore the AD?A 37: For this do the same as above in the question 36 but in place ofbackup you select the restore option and restore the system state.Q 19: What is the ISTG? Who has that role by default?A 19: Inter-Site Topology Generator (istg) is responsible for managing

the inbound replication connection objects for all bridgehead servers inthe site in which it is located. This domain controller is known as theInter-Site Topology Generator (ISTG). The domain controller holding thisrole may not necessarily also is a bridgehead server.Q 29: What are the DS* commands A 29: You really are spoilt for choicewhen it comes to scripting tools for creating Active Directory objects.In addition to CSVDE, LDIFDE and VBScript, we now have the following DScommands: the da family built in utility DSmod - modify Active DirectoryattributesDSrm - to delete Active Directory objectsDSmove - to relocateobjectsDSadd - create new accountsDSquery - to find objects that matchyour query attributesDSget - list the properties of an objectQ 30 :What's the difference between LDIFDE and CSVDE? Usage considerations?

A 30 : CSVDE is a command that can be used to import and export objectsto and from the AD into a CSV-formatted file. A CSV (Comma SeparatedValue) file is a file easily readable in Excel. I will not go to lengthinto this powerful command, but I will show you some basic samples ofhow to import a large number of users into your AD. Of course, as withthe DSADD command, CSVDE can do more than just import users. Consultyour help file for more info.Like CSVDE, LDIFDE is a command that can be used to import and exportobjects to and from the AD into a LDIF-formatted file. A LDIF (LDAP DataInterchange Format) file is a file easily readable in any text editor,


8/20

however it is not readable in programs like Excel. The major differencebetween CSVDE and LDIFDE (besides the file format) is the fact thatLDIFDE can be used to edit and delete existing AD objects (not justusers), while CSVDE can only import and export objects.Q 25 : What is tombstone lifetime attribute?A 25 : The number of days before a deleted object is removed from thedirectory services. This assists in removing objects from replicatedservers and preventing restores from reintroducing a deleted object.This value is in the Directory Service object in the configuration NIC.You want to standardize the desktop environments (wallpaper, MyDocuments, Start menu, printers etc.) on the computers in onedepartment. How would you do that? How it is possibal(20)What are the requirements for installing AD on a new server?Ans:1)The Domain structure2)The Domain Name3)storage location of thedatabase and log file4)Location of the shared system volume folder5)DNSconfig Methode6)DNS configuration7. What are application partitions? When do I use them.Ans: AN application diretcory partition is a directory partition that isreplicated only to specific domain controller.Only domain controllerrunning windows Server 2003 can host a replica of application directorypartition.Using an application directory partition provides redundany,availabiltiyor fault tolerance by replicating data to specific domain controller prany set of domain controllers anywhere in the forest

Q:You want to standardize the desktop environments (wallpaper, MyDocuments, Start menu, printers etc.) on the computers in onedepartment. How would you do that? How it is possibal.Ans:Login on client as Domain Admin user change whatever you need addprinters etc go to system-User profiles copy this user profile to anylocation by select Everyone in permitted to use after copy changentuser.dat to ntuser.man and assgin this path under user profileQ. 8. How do you create a new application partitionANS:Use the DnsCmd command to create an application directory partition.To do this, use the following syntax:DnsCmd ServerName /CreateDirectoryPartition FQDN of partitionGlobal catalog provides a central repository of domain information forthe forest by storing partial replicas of all domain directory

partitions. These partial replicas are distributed by multimasterreplication to all global catalog servers in a forest.Its also used in universal global membership.How do you view all the GCs in the forest?Ans: C:\>repadmin /showreps where domain_controller is the DC you want to query to determine whetherit's a GC. The output will include the text DSA Options: IS_GC if the DCis a GC. . . .Trying to look at the Schema, how can I do thatAns: type adsiedit.msc in run or command promptQ. Can you connect Active Directory to other 3rd-party DirectoryServices? Name a few options.Ans. Yes, you can use dirXML or LDAP to connect to other directories In

Novell you can use E-directory

*PAGE FILE AND VIRTUAL MEMORY*Page File Is Storage Space For The Virtual Memory, Page File Uses HardDisk Space As a Memory To Provide Memory Allocation..*DIFFERENCE BETWEEN DNS IN WINDOWS2000 & WINDOWS2003*

We can rename or moved the domain name without rebulding in windows 2003 server,but in windows 2000 server, we can t do that.


9/20

Shadow copy feature available in windows2003 server but not in windows2000 server.A new tools to recover files.

There are 220 new group polices are added in windows2003 server over windows2000server.

In windows2000 server support maximum 10 users access shared folders at a time through network, but windows2003 server no limitation.

Windows 2003 server includes IIS in it.

*WINDOWS ADMIN INTERVIEW QUESTIONS*1. *Describe how the DHCP lease is obtained*.It's a four-step process consisting of (a) IP request, (b) IP offer, IP selection and (d) acknowledgement.2. *I can't seem to access the Internet, don't have anyaccess to the corporate network and on ipconfig my address is169.254.*.*. What happened?***The 169.254.*.* netmask is assigned to Windows machines running98/2000/XP if the DHCP server is not available. The name for thetechnology is APIPA (Automatic Private Internet Protocol Addressing).3. *We've installed a new Windows-based DHCP server, however,

the users do not seem to be getting DHCP leases off of it. *The servermust be authorized first with the Active Directory.4. *How can you force the client to give up the dhcp lease ifyou have access to the client PC?***ipconfig /release5. *What authentication options do Windows 2000 Servers havefor remote clients?***PAP, SPAP, CHAP, MS-CHAP and EAP.6. *What are the networking protocol options for the Windowsclients if for some reason you do not want to use TCP/IP? *NWLink(Novell), NetBEUI, AppleTalk (Apple).7. *What is data link layer in the OSI reference modelresponsible for? Data link layer is located above the physical layer,

but below the network layer.*Taking raw data bits and packaging them into frames. The network layerwill be responsible for addressing the frames, while the physical layeris reponsible for retrieving and sending raw data bits.8. *What is binding order?***The order by which the network protocols are used for client-servercommunications. The most frequently used protocols should be at the top.9. *How do cryptography-based keys ensure the validity ofdata transferred across the network?*Each IP packet is assigned a checksum, so if the checksums do not matchon both receiving and transmitting ends, the data was modified orcorrupted.10. *Should we deploy IPSEC-based security or certificate-based

security? *They are really two different technologies. IPSec secures the TCP/IPcommunication and protects the integrity of the packets.Certificate-based security ensures the validity of authenticated clientsand servers.11. *What is LMHOSTS file?***It's a file stored on a host machine that is used to resolve NetBIOS tospecific IP addresses.12. *What's the difference between forward lookup and reverselookup in DNS?*


10/20

Forward lookup is name-to-address, the reverse lookup is address-to-name.13. *How can you recover a file encrypted using EFS?*Use the domain recovery agent.

*WINDOWS SERVER 2003 INTERVIEW AND CERTIFICATION QUESTIONS*1. *How do you double-boot a Win 2003 server box?* TheBoot.ini file is set as read-only, system, and hidden to preventunwanted editing. To change the Boot.ini timeout and default settings,use the System option in Control Panel from the Advanced tab and selectStartup.2. *What do you do if earlier application doesn't run onWindows Server 2003?*When an application that ran on an earlier legacyversion of Windows cannot be loaded during the setup function or if itlater malfunctions, you must run the compatibility mode function. Thisis accomplished by right-clicking the application or setup program andselecting Properties > Compatibility > selecting the previouslysupported operating system.3. * If you uninstall Windows Server 2003, which operatingsystems can you revert to?* Win ME, Win 98, 2000, XP. Note, however,that you cannot upgrade from ME and 98 to Windows Server 2003.4. *How do you get to Internet Firewall settings?* Start >Control Panel > Network and Internet Connections > Network Connections.

5. *What are the Windows Server 2003 keyboard shortcuts?*Winkey opens or closes the Start menu. Winkey + BREAK displays theSystem Properties dialog box. Winkey + TAB moves the focus to the nextapplication in the taskbar. Winkey + SHIFT + TAB moves the focus to theprevious application in the taskbar. Winkey + B moves the focus to thenotification area. Winkey + D shows the desktop. Winkey + E opensWindows Explorer showing My Computer. Winkey + F opens the Search panel.Winkey + CTRL + F opens the Search panel with Search for Computersmodule selected. Winkey + F1 opens Help. Winkey + M minimizes all.Winkey + SHIFT+ M undoes minimization. Winkey + R opens Run dialog.Winkey + U opens the Utility Manager. Winkey + L locks the computer.6. *What is Active Directory?* Active Directory is anetwork-based object store and service that locates and manages

resources, and makes these resources available to authorized users andgroups. An underlying principle of the Active Directory is thateverything is considered an objectpeople, servers, workstations,printers, documents, and devices. Each object has certain attributes andits own security access control list (ACL).7. *Where are the Windows NT Primary Domain Controller (PDC)and its Backup Domain Controller (BDC) in Server 2003?* The ActiveDirectory replaces them. Now all domain controllers share a multimasterpeer-to-peer read and write relationship that hosts copies of the ActiveDirectory.8. *How long does it take for security changes to bereplicated among the domain controllers?* Security-related modificationsare replicated within a site immediately. These changes include account

and individual user lockout policies, changes to password policies,changes to computer account passwords, and modifications to the LocalSecurity Authority (LSA).9. *What's new in Windows Server 2003 regarding the DNSmanagement?* When DC promotion occurs with an existing forest, theActive Directory Installation Wizard contacts an existing DC to updatethe directory and replicate from the DC the required portions of thedirectory. If the wizard fails to locate a DC, it performs debugging andreports what caused the failure and how to fix the problem. In order tobe located on a network, every DC must register in DNS DC locator DNS


11/20

records. The Active Directory Installation Wizard verifies a properconfiguration of the DNS infrastructure. All DNS configuration debuggingand reporting activity is done with the Active Directory InstallationWizard.10. *When should you create a forest?* Organizations thatoperate on radically different bases may require separate trees withdistinct namespaces. Unique trade or brand names often give rise toseparate DNS identities. Organizations merge or are acquired and namingcontinuity is desired. Organizations form partnerships and jointventures. While access to common resources is desired, a separatelydefined tree can enforce more direct administrative and securityrestrictions.11. *How can you authenticate between forests?* Four types ofauthentication are used across forests: (1) Kerberos and NTLM networklogon for remote access to a server in another forest; (2) Kerberos andNTLM interactive logon for physical logon outside the user's homeforest; (3) Kerberos delegation to N-tier application in another forest;and (4) user principal name (UPN) credentials12. *What snap-in administrative tools are available for ActiveDirectory?* Active Directory Domains and Trusts Manager, ActiveDirectory Sites and Services Manager, Active Directory Users and GroupManager, Active Directory Replication (optional, available from theResource Kit), Active Directory Schema Manager (optional, available fromadminpak)

13. *What types of classes exist in Windows Server 2003 ActiveDirectory?*1. *Structural class*. The structural classis important to the system administrator in that it is the only typefrom which new Active Directory objects are created. Structural classesare developed from either the modification of an existing structuraltype or the use of one or more abstract classes.2. *Abstract class*. Abstract classes are sonamed because they take the form of templates that actually create othertemplates (abstracts) and structural and auxiliary classes. Think ofabstract classes as frameworks for the defining objects.3. *Auxiliary class*. The auxiliary class isa list of attributes. Rather than apply numerous attributes when

creating a structural class, it provides a streamlined alternative byapplying a combination of attributes with a single include action.4. *88 class*. The 88 class includes objectclasses defined prior to 1993, when the 1988 X.500 specification wasadopted. This type does not use the structural, abstract, and auxiliarydefinitions, nor is it in common use for the development of objects inWindows Server 2003 environments.14. *How do you delete a lingering object?* Windows Server 2003provides a command called Repadmin that provides the ability to deletelingering objects in the Active Directory.15. *What is Global Catalog?* The Global Catalog authenticatesnetwork user logons and fields inquiries about objects across a forestor tree. Every domain has at least one GC that is hosted on a domain

controller. In Windows 2000, there was typically one GC on every site inorder to prevent user logon failures across the network.16. *How is user account security established in Windows Server2003?* When an account is created, it is given a unique access numberknown as a security identifier (SID). Every group to which the userbelongs has an associated SID. The user and related group SIDs togetherform the user account's security token, which determines access levelsto objects throughout the system and network. SIDs from the securitytoken are mapped to the access control list (ACL) of any object the userattempts to access.


12/20

17. *If I delete a user and then create a new account with thesame username and password, would the SID and permissions stay thesame?* No. If you delete a user account and attempt to recreate it withthe same user name and password, the SID will be different.18. *What do you do with secure sign-ons in an organization withmany roaming users?* Credential Management feature of Windows Server2003 provides a consistent single sign-on experience for users. This canbe useful for roaming users who move between computer systems. TheCredential Management feature provides a secure store of usercredentials that includes passwords and X.509 certificates.19. *Anything special you should do when adding a user that hasa Mac?* Save password as encrypted clear text must be selected on UserProperties Account Tab Options, since the Macs only store theirpasswords that way.20. *What remote access options does Windows Server 2003support?* Dial-in, VPN, dial-in with callback.21. *Where are the documents and settings for the roamingprofile stored?* All the documents and environmental settings for theroaming user are stored locally on the system, and, when the user logsoff, all changes to the locally stored profile are copied to the sharedserver folder. Therefore, the first time a roaming user logs on to a newsystem the logon process may take some time, depending on how large hisprofile folder is.22. *Where are the settings for all the users stored on a given

machine?* \Document and Settings\All Users23. *What languages can you use for log-on scripts?* JavaScipt,VBScript, DOS batch files (.com, .bat, or even .exe)24. *What's the difference between local, global and universalgroups?* Domain local groups assign access permissions to global domaingroups for local domain resources. Global groups provide access toresources in other trusted domains. Universal groups grant access toresources in all trusted domains.25. *I am trying to create a new universal user group. Why can'tI?* Universal groups are allowed only in native-mode Windows Server 2003environments. Native mode requires that all domain controllers bepromoted to Windows Server 2003 Active Directory.26. *What is LSDOU?* It's group policy inheritance model, where

the policies are applied to *L*ocal machines, *S*ites, *D*omains and*O*rganizational *U*nits.27. *Why doesn't LSDOU work under Windows NT?* If the/NTConfig.pol/ file exist, it has the highest priority among thenumerous policies.28. *Where are group policies stored?*%SystemRoot%System32\GroupPolicy29. *What is GPT and GPC?* Group policy template and grouppolicy container.30. *Where is GPT stored?*%SystemRoot%\SYSVOL\sysvol\domainname\Policies\GUID31. *You change the group policies, and now the computer anduser settings are in conflict. Which one has the highest priority?* The

computer settings take priority.32. *You want to set up remote installation procedure, but donot want the user to gain access over it. What do you do?* gponame>User Configuration> Windows Settings> Remote Installation Services>Choice Options is your friend.33. *What's contained in administrative template conf.adm?*Microsoft NetMeeting policies34. *How can you restrict running certain applications on amachine?* Via group policy, security settings for the group, thenSoftware Restriction Policies.


13/20

35. *You need to automatically install an app, but MSI file isnot available. What do you do?* A /.zap/ text file can be used to addapplications using the Software Installer, rather than the WindowsInstaller.36. *What's the difference between Software Installer andWindows Installer?* The former has fewer privileges and will probablyrequire user intervention. Plus, it uses .zap files.37. *What can be restricted on Windows Server 2003 that wasn'tthere in previous products?* Group Policy in Windows Server 2003determines a users right to modify network and dial-up TCP/IPproperties. Users may be selectively restricted from modifying their IPaddress and other network configuration parameters.38. *How frequently is the client policy refreshed?* 90 minutesgive or take.39. *Where is */*secedit*/*?* It's now /gpupdate/.40. *You want to create a new group policy but do not wish toinherit*. Make sure you check *Block inheritance* among the options whencreating the policy.41. *What is tattooing the Registry?* The user can view andmodify user preferences that are not stored in maintained portions ofthe Registry. If the group policy is removed or changed, the userpreference will persist in the Registry.42. *How do you fight tattooing in NT/2000 installations?* Youcan't.

43. *How do you fight tattooing in 2003 installations? *UserConfiguration - Administrative Templates - System - Group Policy -enable - Enforce Show Policies Only.

*_WHAT IS THE DIFFERENCE BETWEEN X86 AND I386 COMPUTER_*X86 Is A Hardware Architecture Used By Intel Based CPU s While I386 IsThe File Folder Resides In Windows Installation CD, Contains All TheNecessary Windows Installation Files.x86 refers to a popular set of instructions most commonly used inprocessors fromIntel, AMD, VIA, and others. It usually implies a binary compatibilitywith the 32-bit instruction set of the 80386 (a.k.a. i386).

i386 (as eluded to above) is the common name for the Intel386 (or 80386)based PCs. It is sometimes emphasized as x86-32 (for 32-bit) and x86-64(also called x64 - for 64-bit).

*INTERRUPT "TRAP" WHAT IS THIS TRAP?*There are two hinderances to a process. Interrupt and trap.Interrupt is when the process needs some I/O services whereas trapoccurs due to some fault or exception in the code.How does multithreading take place on a computer with a single CPUThe operating system s task scheduler allocates execution time tomultiple tasks. Byquickly switching between executing tasks, it createsthe impression that tasks executesequentially.By quickly switching among executing tasks, it creates the impression

that the tasks execute *simultaneously*. If it didn

t switch among thetasks, they would execute sequentially.multi-threading has two forms, theory and reality. In theory,multi-threading is suppose to be the same as "multi-tasking" which meansdo two different task at the same time. Not possible on a single CPUunless you consider GPU and ALU which generally we do not (considerthem). In reality, multi-threading does more than create an illusion, itallows computers to shut down a program in infinite loop by creatinganother thread so CPU executes one iteration of the loop, switch to thekill thread and terminates the loop. Multi-tasking was suppose to do


14/20

that but not as well handled.Hyperthreading processors have more than oneexecution units but only one processor core, thats how multiple tasksare performed simultaneouslywhat is the difference between blocking and waiting state of process ?I think blocking state of a process is that state when it reaches tothat state cannot be regained, but in case of wating state it can go inblocked state or go in running state again. Overall blocked state willbe starvation state of a process.A "waiting" process has been loaded into main memory and is waitingexecution on a CPU.When a process is "blocked" on a resource (such as afile, a semaphore or adevice), it will be removed from the CPU (as a blocked process cannotcontinue execution) and will be in the blocked state.A blocking state is the state in which the process is waiting for someoperation to get completed.It can be an I/O operaion,or someInter-Process-communication. The process can not execute furthur withoutthese signals.A waiting state is the state in which the process is ready to run butthe processor isnot idle.When the operation on the blocked process complete, it will move in to

the waiting state.A process is said to be in *waiting state* when it is queuing in themain memory for its turn to be executed. Whereas, the process enters a*blocked state* in case of any interrupt or due to unavailability ofresources. If it is no more in execution for a long time , it is swappedout of main memory and called back when the requested resource is available.*Important point*: A process cannot enter running state from blockedstate. The process first has to go to the waiting state and then torunning state.I hope that answers the question.*WHAT IS SUPERSCOP?*A superscope is an administrative feature of DHCP servers runningWindows Server 2003 that you can create and manage through the DHCP

console. Using a superscope, you can group multiple scopes as a singleadministrative entity. With this feature, a DHCP server can:Support DHCP clients on a single physical network segment (such as asingle Ethernet LAN segment) where multiple logical IP networks are used. Whenmore than one logical IP network is used on each physical subnet ornetwork, such configurations are often called multinets.Support remote DHCP clients located on the far side of DHCP and BOOTPrelay agents (where the network on the far side of the relay agent usesmultinets).

Posted by Saikiran at 3:29 AM

Email ThisBlogThis!


15/20

3569962427&target=blog>Shareto TwitterShareto FacebookShareto Pinterest

10 comments:

1. AnonymousApril 23, 2012 at 1:07 PM

Thanks a lot it was very handy and informative

Reply Delete

2. Ganesan K July 27, 2012 at 9:02 PM

Very good Article.

DHCP Interview Question Answers

Reply Delete

3. mohsin4u August 21, 2012 at 3:32 AM

really it is a very good data thanks alot,

Reply Delete

4. Ramesh Singupurapu October 17, 2013 at 4:40 AM

Nice Collection..but Updates are required. i mean 2008 R2,2012

Reply Delete


16/20

5. AnonymousOctober 26, 2013 at 6:08 AM

Very informative . it would be more usefull if there are any scenario based troubleshooting steps . Like if we get any error on server how to troubleshoot them.....

Reply Delete 6. Balaji December 26, 2013 at 10:05 PM

good post, keep update.

Reply Delete 7. TechieBird January 11, 2014 at 11:19 PM

For TOP interview Q&A visit www.techiebird.com

Reply Delete

8. Zunaid Khan February 25, 2014 at 12:30 PM

its good :)

Reply Delete 9.

wap exp March 24, 2014 at 12:26 AM

It is genuinely unpredictable to analyze benefits of all endorsements as there are numerous classes yet we can

t deny their importance in the relevant field of work. A vast part of the specialists are harmonized on the essentialness of being affirmed without any mistrust as it opens entryway towards triumph as it is


17/20

not conceivable to click here enter to prestigious associations accepting that you are not Certified with your pertinent seller. Despite the most essential issue comes as an essential concern how to get accomplishment in these affirmations as none of them is so basic, consequently we have to profit benefits by a master teacher who could guide us, and astounding study material is likewise required. For this, we will prescribe you to get superb study material from Theexamcollection that will verify.

Reply Delete 10. shumail kalsoom June 6, 2014 at 6:11 AM

All through history, worldwide exchange has prompted the formation of discretion hardware and legitimate skeletons. Redovisning Skellefte looking to the eventual fate of discretion, one comparatively need to take a gander at the present

and future needs of universal business practice to consider what future advancements will happen in the field of worldwide business mediation.

Reply Delete

Add comment Load more...

Older Post HomeSubscribe to: Post Comments (Atom)

Google+ Followers

About Me

My Photo

Saikiran

View my complete profile


18/20

Search on This Blog

powered by

SYSTEM ADMIN

* Introduction of Network * Types of Networks * Network Devices * Topology

* History of Microsoft Network O/s * IP-Address * Active Directory * Installation of AD * Removal of AD * Addittional DC * Active Directory Component

* Practical Steps for Site * Ntds.Dit * FSMO ROLES * Transfer of Roles * Global Catalog * Installing Child Domain * New Domain Tree in Existing Forest * Trust Relationship * Member Server * User Management * Editing Policies * Sharing * Profiles


19/20

* Offline Folder * Distributed File System * Disk Quotas * Delegate Control * Group Policy * Software Deployment * Folder Redirection * Scripts * Backup * Restoration

OTHER STUFF

* Windows admin interview questions

* OS Interview Questions * 2008 Requirements * Active Directory FAQ * FAT & NTFS * Windows shortcut keys

Total Pageviews

78,171

Is this blog helpful to you ?

Search on Web


20/20

Network Admin

* Domain Name Service * Dynamic Host Configuration Protocol * File Transfer Protocol * Groups * Routing * Disk Management * Storage * Advanced * Backup * Internet Information Service * Exchange Server Interview Questions and Answers

[NetworkedBlogs] Follow this blog

Feedjit

Simple template. Template images by caracterdesign.Powered by Blogger .

i m done watching this

MCITP Windows Admin Interview Questions

Documents

Transcript of MCITP Windows Admin Interview Questions