common interview-questions by iict
TRANSCRIPT
Common HR questions:
1. Tell me about yourself.
Since this is often the opening question in an interview, be extra careful that you don’t run off at the mouth. Keep your answer to a minute or two at most. Cover four topics: early years, education, work history, and recent career experience. Emphasize this last subject. Remember that this is likely to be a warm-up question. Don’t waste your best points on it.
2. What do you know about our organization?
You should be able to discuss products or services, revenues, reputation, image, goals, problems, management style, people, history and philosophy. But don’t act as if you know everything about the place. Let your answer show that you have taken the time to do some research, but don’t overwhelm the interviewer, and make it clear that you wish to learn more.
You might start your answer in this manner: “In my job search, I’ve investigated a number of companies.
Yours is one of the few that interests me, for these reasons…”
Give your answer a positive tone. Don’t say, “Well, everyone tells me that you’re in all sorts of trouble, and that’s why I’m here”, even if that is why you’re there.
3. Why do you want to work for us?
The deadliest answer you can give is “Because I like people.” What else would you like-animals?
Here, and throughout the interview, a good answer comes from having done your homework so that you can speak in terms of the company’s needs. You might say that your research has shown that the company is doing things you would like to be involved with, and that it’s doing them in ways that greatly interest you. For example, if the organization is known for strong management, your answer should mention that fact and show that you would like to be a part of that team. If the company places a great deal of emphasis on research and development, emphasize the fact that you want to create new things and that you know this is a place in which such activity is encouraged. If the organization stresses financial controls, your answer should mention a reverence for numbers.
If you feel that you have to concoct an answer to this question – if, for example, the company stresses research, and you feel that you should mention it even though it really doesn’t interest you- then you probably should not be taking that interview, because you probably shouldn’t be considering a job with that organization.
Your homework should include learning enough about the company to avoid approaching places where you wouldn’t be able -or wouldn’t want- to function. Since most of us are poor liars, it’s difficult to con anyone in an interview. But even if you should succeed at it, your prize is a job you don’t really want.
4. What can you do for us that someone else can’t?
Here you have every right, and perhaps an obligation, to toot your own horn and be a bit egotistical. Talk about your record of getting things done, and mention specifics from your resume or list of career
accomplishments. Say that your skills and interests, combined with this history of getting results, make you valuable. Mention your ability to set priorities, identify problems, and use your experience and energy to solve them.
5. What do you find most attractive about this position? What seems least attractive about it?
List three or four attractive factors of the job, and mention a single, minor, unattractive item.
6. Why should we hire you?
Create your answer by thinking in terms of your ability, your experience, and your energy. (See question 4.)
7. What do you look for in a job?
Keep your answer oriented to opportunities at this organization. Talk about your desire to perform and be recognized for your contributions. Make your answer oriented toward opportunity rather than personal security.
8. Please give me your definition of [the position for which you are being interviewed].
Keep your answer brief and task oriented. Think in terms of responsibilities and accountability. Make sure that you really do understand what the position involves before you attempt an answer. If you are not certain, ask the interviewer; he / she may answer the question for you.
9. How long would it take you to make a meaningful contribution to our firm?
Be realistic. Say that, while you would expect to meet pressing demands and pull your own weight from the first day, it might take six months to a year before you could expect to know the organization and its needs well enough to make a major contribution.
10. How long would you stay with us?
Say that you are interested in a career with the organization, but admit that you would have to continue to feel challenged to remain with any organization. Think in terms of, “As long as we both feel achievement-oriented.”
11. Your resume suggests that you may be over-qualified or too experienced for this position. What’s Your opinion?
Emphasize your interest in establishing a long-term association with the organization, and say that you assume that if you perform well in his job, new opportunities will open up for you. Mention that a strong company needs a strong staff. Observe that experienced executives are always at a premium. Suggest that since you are so well qualified, the employer will get a fast return on his investment. Say that a growing, energetic company can never have too much talent.
12. What is your management style?
You should know enough about the company’s style to know that your management style will complement it. Possible styles include: task oriented (I’ll enjoy problem-solving identifying what’s wrong, choosing a solution and implementing it”), results-oriented (“Every management decision I make is
determined by how it will affect the bottom line”), or even paternalistic (“I’m committed to taking care of my subordinates and pointing them in the right direction”).
A participative style is currently quite popular: an open-door method of managing in which you get things done by motivating people and delegating responsibility.
As you consider this question, think about whether your style will let you work happily and effectively within the organization.
13. Are you a good manager? Can you give me some examples? Do you feel that you have top managerial potential?
Keep your answer achievement and ask-oriented. Rely on example to buttress your argument. Stress your experience and your energy.
14. What do you look for when You hire people?
Think in terms of skills, initiative, and the adaptability to be able to work comfortably and effectively with others. Mention that you like to hire people who appear capable of moving up in the organization.
15. Have you ever had to fire people? What were the reasons, and how did you handle the situation?
Admit that the situation was not easy, but say that it worked out well, both for the company and, you think, for the individ
ual. Show that, like anyone else, you don’t enjoy unpleasant tasks but that you can resolve them efficiently and -in the case of firing someone- humanely.
16. What do you think is the most difficult thing about being a manager or executive?
Mention planning, execution, and cost-control. The most difficult task is to motivate and manage employees to get something planned and completed on time and within the budget.
17. What important trends do you see in our industry?
Be prepared with two or three trends that illustrate how well you understand your industry. You might consider technological challenges or opportunities, economic conditions, or even regulatory demands as you collect your thoughts about the direction in which your business is heading.
18. Why are you leaving (did you leave) your present (last) job?
Be brief, to the point, and as honest as you can without hurting yourself. Refer back to the planning phase of your job search. where you considered this topic as you set your reference statements. If you were laid off in an across-the-board cutback, say so; otherwise, indicate that the move was your decision, the result of your action. Do not mention personality conflicts.
The interviewer may spend some time probing you on this issue, particularly if it is clear that you were terminated. The “We agreed to disagree” approach may be useful. Remember hat your references are likely to be checked, so don’t concoct a story for an interview.
19. How do you feel about leaving all your benefits to find a new job?
Mention that you are concerned, naturally, but not panicked. You are willing to accept some risk to find the right job for yourself. Don’t suggest that security might interest you more than getting the job done successfully.
20. In your current (last) position, what features do (did) you like the most? The least?
Be careful and be positive. Describe more features that you liked than disliked. Don’t cite personality problems. If you make your last job sound terrible, an interviewer may wonder why you remained there until now.
21. What do you think of your boss?
Be as positive as you can. A potential boss is likely to wonder if you might talk about him in similar terms at some point in the future.
22. Why aren’t you earning more at your age?
Say that this is one reason that you are conducting this job search. Don’t be defensive.
23. What do you feel this position should pay?
Salary is a delicate topic. We suggest that you defer tying yourself to a precise figure for as long as you can do so politely. You might say, “I understand that the range for this job is between Rs.______ and Rs.______. That seems appropriate for the job as I understand it.” You might answer the question with a question: “Perhaps you can help me on this one. Can you tell me if there is a range for similar jobs in the organization?”
If you are asked the question during an initial screening interview, you might say that you feel you need to know more about the position’s responsibilities before you could give a meaningful answer to that question. Here, too, either by asking the interviewer or search executive (if one is involved), or in research done as part of your homework, you can try to find out whether there is a salary grade attached to the job. If there is, and if you can live with it, say that the range seems right to you.
If the interviewer continues to probe, you might say, “You know that I’m making Rs.______ now. Like everyone else, I’d like to improve on that figure, but my major interest is with the job itself.” Remember that the act of taking a new job does not, in and of itself, make you worth more money.
If a search firm is involved, your contact there may be able to help with the salary question. He or she may even be able to run interference for you. If, for instance, he tells you what the position pays, and you tell him that you are earning that amount now and would like to do a bit better, he might go back to the employer and propose that you be offered an additional 10%.
If no price range is attached to the job, and the interviewer continues to press the subject, then you will have to respond with a number. You cannot leave the impression that it does not really matter, that you’ll accept whatever is offered. If you’ve been making Rs. 3,00,000a year, you can’t say that a Rs. 2,00,000 figure would be fine without sounding as if you’ve given up on yourself. (If you are making a radical career change, however, this kind of disparity may be more reasonable and understandable.)
Don’t sell yourself short, but continue to stress the fact that the job itself is the most important thing in your mind. The interviewer may be trying to determine just how much you want the job. Don’t leave the
impression that money is the only thing that is important to you. Link questions of salary to the work itself.
But whenever possible, say as little as you can about salary until you reach the “final” stage of the interview process. At that point, you know that the company is genuinely interested in you and that it is likely to be flexible in salary negotiations.
24. What are your long-range goals?
Refer back to the planning phase of your job search. Don’t answer, “I want the job you’ve advertised.” Relate your goals to the company you are interviewing: ‘in a firm like yours, I would like to…”
25. How successful do you you’ve been so far?
Say that, all-in-all; you’re happy with the way your career has progressed so far. Given the normal ups and downs of life, you feel that you’ve done quite well and have no complaints.
Present a positive and confident picture of yourself, but don’t overstate your case. An answer like, “Everything’s wonderful! I can’t think of a time when things were going better! I’m overjoyed!” is likely to make an interviewer wonder whether you’re trying to fool him / her or yourself. The most convincing confidence is usually quiet confidence.
Q. Please describe the technical environment of your current (or most recent) position.
A. When describing the technical environment that you currently support, be sure to include the number of users you support, the number of IT staff, the technical infrastructure including servers, types of connections, desktop operating systems, your job duties, and your work schedule.
You should be prepared to talk about each of the positions you have listed on your résumé in this way. Also be prepared with a follow-up statement of your most significant accomplishment.
Q. How do you keep your technical knowledge and skills current?
A. Keeping your skills current demonstrates initiative and a desire to perform at high standards. Be prepared with a list of resources including professional groups.
Q. Please describe your greatest technical challenge and how you overcame it.
A. Ah, an opportunity for a story. Great examples to draw on: how you taught yourself a new operating system, the installation of a complex system, integration of multiple systems, building of an e-commerce web site.
Q. What are some of the tools you use to make your job easier?
A. All network administrators have a bag of tricks. You should share some of your trade secrets as a way of demonstrating that you can be efficient in your job as a network administrator. These can include ghosting tools, troubleshooting tools, and documentation tools.
Q. How do you document your network?
A. One of the toughest parts of network administration is keeping track of an always changing
environment. You must have basic documentation for user administration, file system planning, and address planning. Share your documentation with your interviewer.
Planning Questions
The interviewer will be interested in your network planning methodologies. The following questions provide insight into these skills.
Q. What are some of the things you need to take into consideration when planning an upgrade from one network operating system to another?
A. This is the mother of all planning activities because it will affect so many resources. The key here is testing and backups and that’s what the interviewer wants to hear. Other considerations include:
Network documentation
Ensuring that your hardware meets the minimum hardware requirements for the new operating system
Creating a test network for testing the compatibility of applications, hardware, and drivers with the new operating system
Gathering all updated drivers and patches/service packs required for upgrade compatibility
Identifying workflow issues before converting
Separating workstation conversions from server conversions
Ensuring you have backups of data and the servers so that you can revert back
Network addressing scheme
Q. Describe the backup/restore policy you use most.
A. First of all, the interviewer wants to ensure that you do backups! There are different methods, but the most common backup strategy used is to perform incremental backups Monday through Thursday and a normal backup on Friday. An alternative backup strategy is to perform differential backups Monday through Thursday and a normal backup on Friday.
Q. How would you ensure that your servers are secure?
A. Security always begins at the physical level—it makes little difference that you’ve provided all the security the operating system and software can provide if someone can walk away with the box or the portable hard drive. The next step is to ensure you have the latest service packs for the operating system and applications running on the server.
Installation
Q. What steps do you go through as part of your server installation process?
A. The interviewer wants to know whether your typical work habits are to just jump in or whether you do some planning. You obviously want to ensure that your hardware meets the minimum requirements, that you have all the right drivers for the new operating system, and whether you need a ROM upgrade
for your hardware. Depending on how many installations you’ve done, you may have a process that you like to follow. If you do, describe it to the interviewer.
Q. How do you determine which file system is best for your environment?
A. This question tests how well you plan for a variety of different environments. The key here is to take into consideration the file format support required for backward compatibility with other operating systems like NetWare or older versions of Windows NT. You’ll also want to make sure there’s enough disk space for drivers and files that must reside in the system partition, as well as space for a dump file if anything goes wrong.
Q. What’s the first thing you should do after installing the network operating system?
A. This is a test of your security skills. The first thing you should do is either change the password on the administrator account or change the name of the account itself.
Q. You just installed a service pack on the e-mail, SQL, print, and file servers. You rebooted all the servers, and now the service pack installation is complete. What’s the final step for the evening?
A. The interviewer wants to make sure that testing is an integral part of your routine whenever you install software or make updates to systems. You may also want to review the Event Viewer logs and look for any errors that have been registered. It’s a good idea to also examine the administrative interfaces for SQL and the e-mail server to satisfy yourself that no anomalies have appeared there.
Configuration
Ninety percent of your day is spent configuring network services, whether it’s installing applications, creating users, or adding printers.
Q. A user has left the company and you need to create a new user with the same rights and permissions. What are some of the ways to create the new user?
A. By asking you to describe multiple ways of getting the job done, the interviewer can assess your experience level with the operating system. Some of the correct answers to this question include the following:
You could copy an existing user’s account to create a new account. However, the rights and permissions for the new, copied account will be based purely on its group memberships, not permissions g
ranted strictly to the original account itself.
Using Active Directory, you could use the CSVDE.exe program to create a new account with specific group memberships; however, this program is usually intended for bulk creation of accounts in your domain.
You could create the new account from scratch, assigning group permissions or individual rights manually.
Q. What are some of the alternative ways for mapping a drive letter to a file server if you wish to connect to one of the server’s shared folders?
A. This question tests your experience by asking for alternate methods of getting the job done. In addition to mapped drives you can use a Universal Naming Convention path: \\servername\ sharename. You can also browse the Network Neighborhood.
Q. You shared a printer from your server. What could you do to ensure that the printer is easily accessible to your Windows clients?
A. You may have to support older clients on your network. This question tests your experience with older technology. In this case, you should load the Windows 98 printer drivers on the share point.
Q. How large can I make a file allocation table partition using the NT operating system?
A. This question tests your familiarity with system capabilities and limitations. The maximum FAT partition size is 4 gigabytes.
Q. Is it necessary for an NT client computer to use the server’s name in that UNC path?
A. There are typically multiple ways of accomplishing the same task. Thank goodness, because you sometimes need them while troubleshooting. Using very basic questions, the interviewer can assess your real knowledge and experience with various operating systems. In this case, you can also use the server’s TCP/IP address.
Q. We are creating a web site on our NT server using Internet Information Server 4.0. We expect users to log on anonymously. How many client access licenses must we purchase to allow up to 100 simultaneous connections to our web site?
A. This is a trick question to see if you understand the concept of user licensed connections. Anonymous logons on IIS 4.0 do not require client access licenses.
Troubleshooting
Q. A user contacts you and reports that their Windows 2000 workstation is having troubleconnecting to the Web. You run the ipconfig command on the computer and you find that the computer is not referencing the correct primary DNS server. What must you do to remedy this?
A. Using this question, the interviewer can assess your routing troubleshooting skills, an essential part of network administration. In this case, you would want to check the primary DNS setting in the IP configuration of the computer. If ipconfig shows a setting for the default DNS server other than what you want, this means the computer’s IP configuration is incorrect. Therefore, the Windows 2000 client computer needs to be reconfigured.
Q. Users are complaining of slow performance when they run server-based applications.
The server has the following specifications:
> Compaq 1600
> 800 MHz Pentium 3
> 256MB of RAM
> 18GB EIDE hard drive
> 10/100 NIC
> Connected to a Cisco switch
The performance monitor shows the following:
Memory Pages/Sec: 5
Physical Disk % Disk Time: 20 percent
Processor % Processor Time: 90 percent
What is the best way to improve the system’s performance?
A. This question tests your knowledge of server optimization. In this case, the recommendation should be to upgrade the processor. Microsoft recommends you do so if the CPU utilization averages over 70 to 75 percent.
Q. A user is having trouble sharing a folder from their NT Workstation. What is a likely cause?
A. The interviewer is testing your basic knowledge of rights. In order to share a folder you must be logged on as an administrator, server operator (in a domain), or power user (in a workgroup).
Q. You’ve shared a folder and set the share permissions to “Everyone = Full Control.” However,none of the users can save information in the folder. What’s the likely cause?
A. This is another question that tests your knowledge of permissions. The likely cause is that someone has set the NTFS permissions in a more restrictive manner than the share permissions. Between those two categories of permissions, the more restrictive of the two always applies to users accessing the folder over the network.
Q. What is the most likely cause for the failure of a user to connect to an NT remote accessserver?
A. Supporting remote users may be a big part of your job. It’s important to understand the proper configuration and troubleshooting of the NT RAS. In this case, the user must be granted the RAS dial-in permission.
Q. A remote user in Montana, who is not technical and is scared to death of computers, calls for help. The user logged in to your network via the terminal server. You determine that the solution to the user’s problem requires an edit of a hidden read-only file, deleting a system file in the winnt\system32 folder, and creating a simple batch file on the user’s computer. What tools would you use to resolve this problem?
A. This question tests your ability for remote troubleshooting. An administrator can edit these files on the user’s computer by connecting to it over the network via the Computer Management console in Windows 2000. Using this console, you can access the administrative shares (C$, D$, and so on) that represent the partitions on the user’s computer. From there, you can edit or create any files necessary to repair the problem.
.
Active Directory
In order to manage an Active Directory Services environment, you must be comfortable with planning, security and permissions, authentication, and synchronization. The following questions may be asked by the interviewer to assess your experience with performing these functions.
Q. What rights must your logged-in account have when creating a Windows 2000 forest?
A. You must understand rights and permissions thoroughly. In this instance, the account must have administrative rights on the Windows 2000 server used to create the new forest.
Q. What rights must your account have when adding a domain to an existing forest?
A. In this case, you must be a member of the Enterprise Administrators group.
Q. My account has the proper rights, but when I try to create a new domain I get an errormessage stating that the Domain Naming Master cannot be contacted. What does this mean?
A. An experienced network administrator will be able to readily troubleshoot for problems such as this one. This scenario can mean network connectivity issues or a failed Domain Naming Master, which is the domain controller for the forest root domain.
Q. Why is Domain Name System (DNS) so important to an Active Directory forest?
A. As a network administrator you must understand name resolution. DNS is critical to your forest because it possesses all of the service (SRV) records. These records indicate the TCP/IP address and port necessary to locate a specific service offered by a server.
Q. Does the DNS server have to be a Windows 2000 server?
A. This is a trick question. DNS is independent of Windows 2000 and so the answer is no. To support Active Directory, the DNS server must support two BIND (Berkeley Internet Name Domain) version standards: 4.9.6 (SRV records) and 8.1.2 (dynamic updates).
Q. What rights does a user need in order to create computer accounts in an Active Directorydomain?
A. By default, a user only needs to be recognized as a member of the Authenticated Users group to add workstations to a domain. This permission is established in the Default Domain Controllers policy, and permits users to create up to ten accounts.
Q. Is it possible to have entirely separate domain name spaces within the same forest?
A. When it comes to Active Directory, you must have a thorough understanding of forest limitations. In this case, you can have multiple domain name spaces within the same forest.
Q. Do clocks synchronize automatically between Windows 2000 computers?
A. This question tests your understanding of Active Directory synchronization. Clocks do synchronize only within a domain. The Primary Domain Controller Emulator handles this task for you. But there is no
server that automatically synchronizes clocks between your separate domains.
Q. To create Group Policy objects in a domain, what group must you be a member of?
A. You must be a member of the Group Policy Creator Owners group in your domain to create these objects.
Q. Is it possible to prevent the application of a Group Policy to a user account within one of our organizational units?
A. To prevent the application of a
Group Policy to a user, you would deny the Read and Apply Group Policy permissions to the user in that organizational unit.
Q. Is it possible to schedule replication between two domain controllers in Active Directory?
A. This question assesses your knowledge of configuration options for domain controllers within Active Directory. In this case, place the domain controllers in different sites. Then set the schedule on the Site Link object that connects the sites.
Q. My Windows 98 users cannot search for published objects in our Active Directory domain. How do I add this capability to their computers?
A. Add the DSClient utility to their computers from the Windows 2000 Server CD.
Q. What are some of the ways of propagating permissions set on an Active Directory object to lower-level child objects?
A. Administering security is a big part of an administrator’s job. One way to accomplish this task is the following: On the Security tab of the parent object, click the Advanced button. Using the special permissions list, be sure to select “Apply onto…This object and all child objects.” Another method is to use the Delegation of Control Wizard.
Q. An organization is running a web site using Internet Information Server 5.0 on a Windows2000 Server. The site allows both Anonymous and Integrated Windows authentication. When our domain users connect to the site, which authentication method is used?
A. Understanding authentication modes is a critical part to troubleshooting and effectively securing resources. In this case, they will authenticate as the Anonymous account. An exception to this would be seen if the Anonymous account lacked permissions to a particular resource on the web site, in which case Integrated Windows authentication would be attempted.
Q. How can I move the Active Directory database and log files to a different drive on thedomain controller?
A. This can be accomplished by rebooting the domain controller using Directory Services Restore Mode and running the ntdsutil tool.
Q. An administrator accidentally deleted an entire organizational unit containing 200 users from our domain. How can you recover the organizational unit?
A. Everyone has these types of situations. You must know how to recover from these mistakes. In this case, rebooting a domain controller using Directory Services Restore Mode and conducting an authoritative restore of the OU from a backup will solve the problem.
Q. We demoted our Primary Domain Controller Emulator to become a member server in our domain. What do we need to do to transfer the PDC Emulator role to another domain controller?
A. This question tests how well you understand how the PDC Emulator works. In this situation, the role was automatically transferred when the former PDC Emulator was demoted.
I.Here are some questions frequently asked in technical round:
1. We’ve installed a new Windows-based DHCP server, however, the users do not seem to be getting DHCP leases off of it.
The server must be authorized first with the Active Directory.
2. How do you double-boot a Win 2003 server box?
The Boot.ini file is set as read-only, system, and hidden to prevent unwanted editing. To change the Boot.ini timeout and default settings, use the System option in Control Panel from the Advanced tab and select Startup.
3. What do you do if earlier application doesn’t run on Windows Server 2003?
When an application that ran on an earlier legacy version of Windows cannot be loaded during the setup function or if it later malfunctions, you must run the compatibility mode function. This is accomplished by right-clicking the application or setup program and selecting Properties –> Compatibility –> selecting the previously supported operating system.
4. What do you understand by Global Catalog and Global Catalog Server?
The global catalog is a distributed data repository that contains a searchable, partial representation of every object in every domain in a multidomain Active Directory forest. It provides the ability to locate objects from any domain without having to know the domain name.
5. What is GCS ?
A global catalog server is a domain controller. It is a master searchable database that contains information about every object in every domain in a forest. The global catalog contains a complete replica of all objects in Active Directory for its host domain, and contains a partial replica of all objects in Active Directory for every other domain in the forest. It is responsible for providing group membership information during logon and authentication and helps users in locating resources in Active Directory.
6. What snap-in administrative tools are available for Active Directory?
Active Directory Domains and Trusts Manager, Active Directory Sites and Services Manager, Active
Directory Users and Group Manager, Active Directory Replication (optional, available from the Resource Kit), Active Directory Schema Manager (optional, available from adminpak)
7. What’s the difference between local, global and universal groups?
Domain local groups assign access permissions to global domain groups for local domain resources. Global groups provide access to resources in other trusted domains. Universal groups grant access to resources in all trusted domains.
8. I am trying to create a new universal user group. Why can’t I?
Universal groups are allowed only in native-mode Windows Server 2003 environments. Native mode requires that all domain controllers be promoted to Windows Server 2003 Active Directory.
9. What is LSDOU?
It’s group policy inheritance model, where the policies are applied to Local machines, Sites, Domains and Organizational Units.
10.How can you restrict running certain applications on a machine?
We can do this via Group Policy security settings for the group, then Software Restriction Policies.
11.You need to automatically install an app, but MSI file is not available. What do you do?
A .zap text file can be used to add applications using the Software Installer, rather than the Windows Installer.
12.What’s the difference between Software Installer and Windows Installer?
The former has fewer privileges and will probably require user intervention. Plus, it uses .zap files.
13.What does IntelliMirror do?
It helps to reconcile desktop settings, applications, and stored files for users, particularly those who move between workstations or those who must periodically work offline.
14.What’s the major difference between FAT and NTFS on a local machine?
FAT and FAT32 provide no security over locally logged-on users. Only native NTFS provides extensive permission control on both remote and local files.
15.How do FAT and NTFS differ in approach to user shares?
They don’t, both have support for sharing.
16.Can you use Start->Search with DFS shares?
Yes.
17.What problems can you have with DFS installed?
Two users opening the redundant copies of the file at the same time, with no file-locking involved in DFS, changing the contents and then saving. Only one file will be propagated through DFS.
18.I run Microsoft Cluster Server and cannot install fault-tolerant DFS.
Yeah, you can’t. Install a standalone one.
19.Is Kerberos encryption symmetric or asymmetric?
Symmetric
20.How does Windows 2003 Server try to prevent a middle-man attack on encrypted line?
Time stamp is attached to the initial client request, encrypted with the shared key.
21.Can Windows Server 2003 function as a bridge?
Yes, and it’s a new feature for the 2003 product. You can combine several networks and devices connected via several adapters by enabling IP routing.
22.Does Windows Server 2003 support IPv6?
Yes, run ipv6.exe from command line to disable it.
23.What’s the role of http.sys in IIS?
It is the point of contact for all incoming HTTP requests. It listens for requests and queues them until they are all processed, no more queues are available, or the Web server is shut down.
24.Where’s ASP cache located on IIS 6.0?
On disk, as opposed to memory, as it used to be in IIS 5.
--------------------------------------------------------------------------------------------------------
II. Top 100 -2008 R2 server ADS - HR questions & Answer :
Explain three main features of Active Directory?
What do you mean by Active Directory functional levels? How does it help an organization’s network functionality?
What are the Domain and Forest functional levels of Windows Server 2003 AD?
What are the Domain and Forest functional levels of Windows Server 2008 AD?
How to add additional Domain Controller in a remote site with slower WAN link?
How do we install Active Directory in Windows 7 Computer?
What are the prerequisites to install Active Directory in a Server?
What is FSMO role? (Or what are Single Master Operations / Flexible Single Master Operations / Operations Master Role / SMO / OMR?)
Explain Infrastructure Master Role. What will be the impact if DC with Infrastructure Master Role goes down?
What are the two forest specific FSMO roles?
Which FSMO role directly impacting the consistency of Group Policy?
I want to promote a new additional Domain Controller in an existing domain. Which are the groups I should be a member of?
Tell me one easiest way to check all the 5 FSMO roles.
Can I configure two RID masters in a domain?
Can I configure two Infrastructure Master Role in a forest? If yes, please explain.
What will be the impact on the network if Domain Controller with PDC Emulator crashes?
What are the physical components of Active Directory?
What are the logical components of Active Directory?
What are the Active Directory Partitions? (Or what are Active Directory Naming Contexts? Or what is AD NC?)
What is group nesting?
Explain Group Types and Group Scopes?
What is the feature of Domain Local Group?
How will you take Active Directory backup?
What are the Active Directory Restore types?
How is Authoritative Restore different from non-Authoritative Restore?
Explain me, how to restore Active Directory using command line?
Tell me few switches of NTDSUTIL command.
What is a tombstone? What is the tombstone lifetime period?
What do you understand by Garbage Collection? Explain.
What is Lost and Found Container?
Where can I locate Lost and Found Container?
Is Lost and Found Container included in Windows Server 2008 AD?
Have you ever installed Active Directory in a production environment?
Do we use clustering in Active Directory? Why?
What is Active Directory Recycle Bin?
What is RODC? Why do we configure RODC?
How do you check currently forest and domain functional levels? Say both GUI and Command line.
Explain Knowledge Consistency Checker (KCC)
What are the tools used to check and troubleshoot replication of Active Directory?
What is SYSVOL folder used for?
What is the use of Kerberos in Active Directory? Which port is used for Kerberos communication?
Which version of Kerberos is used for Windows 2000/2003 and 2008 Active Directory?
Please name few port numbers related to Active Directory.
What is an FQDN?
Tell me few DS commands and its usage.
Explain Active Directory tree and forest.
What are Intersite and Intrasite replication?
What is shortcut trust?
What is selective Authentication?
Give me brief explanation of different types of Active Directory trusts.
Have you heard of ADAC?
What is the use of ADSIEDIT? How do we install it in Windows Server 2003 AD?
I am unable to create a Universal Security group in my Active Directory? What will be the possible reason?
What is ADMT? What is it used for?
What do you mean by Lingering Objects in AD? How to remove Lingering Objects?
Explain Global Catalog. What kind of AD infrastructure makes most use of Global Catalog?
Global Catalog and Infrastructure master roles cannot be configure in same Domain Controller. Why?
How do you check all the GCs in the forest?
How many objects can be created in Active Directory? (both 2003 and 2008)
Can you explain the process between a user providing his Domain credential to his workstation and the desktop being loaded? Or how the AD authentication works?
What is LDAP?
Which is default location of Active Directory? What are the main files related to AD?
In a large forest environment, why we don’t configure all Domain Controllers as GCs?
What is NETDOM command line tool used for?
What is role seizure? Who do we perform role seizure?
What is ISTG? What is role of ISTG in Active Directory?
Is it possible to find idle users who did not log in for last few months?
Tell me the order of GPO as it applied.
What are the uses of CSVDE and LDIFDE?
What are the differences between a user object and contact object?
What do you mean by Bridge Head server?
What is urgent replication?
Please explain Realm trust.
Explain object class and object attribute.
My organization wants to add new object attribute to the user object. How do you achieve it?
What do you understand about GUID?
What is the command used for Domain Controller decommissioning?
Have you ever planned and implemented Active Directory infrastructure anywhere? Tell me few considerations we have to take during the AD planning.
Name few differences from Windows Server 2003 AD and Windows Server 2008 AD.
Which domain and forest functional level I will select if I am installing Windows Server 2008 AD in an Existing environment where we have Windows Server 2003 Domain Controllers?
What are the replication intervals for Intersite and intrasite replication? Is there any change in 2003 and 2008?
I want to transfer RID master role to a new Domain Controller. What are the steps I need to follow?
Tell me few uses of NTDSUTIL commands?
Name few services that directly impact the functionality of Domain Controller.
You said there are 5 FSMO roles. Please explain what will be the impact on the AD infra if each FSMO roles fails?
What is Active Directory defragmentation? How do you do AD defragmentation? And why do we do it?
Tell me Different between online and offline defragmentation.
How do you uninstall active directory? What are the precautions we have to take before removing active directory?
A user is unable to log into his desktop which is connected to a domain. What are the troubleshooting steps you will consider?
A Domain Controller called ABC is failing replication with XYZ. How do you troubleshoot the issue?
A user account is frequently being locked out. How do you investigate this issue? What will be the possible solution suggest the user?
Imagine you are trying to add a Windows 7 computer to Active Directory domain. But its showing an error ‘Unable to find Domain Controller’. How will you handle this issue?
What are the services required for Active Directory replication?
What is Active Directory application partition? What are the uses of it?
Many users of a network are facing latency while trying to log into their workstations. How do you investigate this problem?
Now, some questions related to Windows Server 2008 Active Directory. What do you mean by IDA? What are the new components of Windows 2K8 Active Directory?
I want to edit the Active Directory Schema. How can I bring Schema editor into my MMC?
Name few Active Directory Built in groups
What are the differences between Enterprise Administrators and Domain Administrators groups?
I have to create 1000 user objects in my Active Directory domain. Who can I achieve that with least administrative effort? Tell me few tools that I can use.
Answers:
Active Directory enables single sign on to access resources on the network such as desktops, shared files, printers etc. Active Directory provides advanced security for the entire network and network resources. Active Directory is more scalable and flexible for administration.
Functional levels help the coexistence of Active Directory versions such as, Windows NT, Windows 2000 Server, Windows Server 2003 and Windows Server 2008. The functional level of a domain or forest controls which advanced features are available in the domain or forest. Although lowest functional levels help to coexist with legacy Active Directory, it will disable some of the new features of Active Directory.
But if you are setting up a new Active Directory environment with latest version of Windows Server and AD, you can set to the highest functional level, thus all the new AD functionality will be enabled.
Windows Server 2003 Domain Functional Levels: Windows 2000 mixed (Default), Windows 2000 native, Windows Server 2003 interim, and Windows Server 2003.
Forest Functional Levels: Windows 2000 (default), Windows Server 2003 interim, Windows Server.
Windows Server 2008 Domain Functional Levels: Windows 2000 Native, Windows Server 2003, Windows Server 2008, Windows Server 2008 R2.
Forest Functional Levels: Windows 2000, Windows Server 2008, Windows Server 2008 R2.
It is possible to take a backup copy of existing Domain Controller, and restore it in Windows Server machine in the remote locations with slower WAN link.
Active Directory is designed for Server Operating System, and it cannot be installed on Windows 7.
Windows Server Operating System. Free hard disk space with NTFS partition. Administrator's privilege on the computer. Network connection with IP address, Subnet Mask, Gateway and DNS address. A DNS server, that can be installed along with first Domain Controller. Windows Server intallation CD or i386 folder.
Flexible Single-Master Operation (FSMO) roles,manage an aspect of the domain or forest, to prevent conflicts, which are handled by Single domain controllers in domain or forest. The tasks which are not suited to multi-master replication, There are 5 FSMO roles, and Schema Master and Domain naming master roles are handled by a single domain controller in a forest, and PDC, RID master and Infrastructure master roles are handled by a single domain controller in each domain.
Infrastrcture master role is a domain-specific role and its purpose is to ensure that cross-domain object references are correctly handled. For example, if you add a user from one domain to a security group from a different domain, the Infrastructure Master makes sure this is done properly.Intrastrcuture master does not have any functions to do in a single domain environment.If the Domain controller with Infrastructure master role goes down in a single domain environemt, there will be no impact at all. Where as, in a complex environment with multiple domains, it may imact creation and modification of groups and group authentication.
Schema Master role and Domain Naming Master role.
PDC Emulator
You should be a member of Enterprise Admins group or the Domain Admins group. Also you should be member of local Administrators group of the member server which you are going to promote as additional Domain Controller.
Use netdom query /domain:YourDomain FSMO command. It will list all the FSMO role handling domain controllers.
No, there should be only one Domain Controller handling RID master role in a Domain.
There should be only one Domain Controller handling Infrastructure master role in a domain. Hence if
you have two domains in a forest, you can configure two Infrastructure masters, one in each domain.
If PDC emulator crashes, there will be immediate impact on the environment. User authentication will fail as password changes wont get effected, and there will be frequent account lock out issues. Network time synchronization will be impacted. It will also impact DFS consistency and Group policy replication as well.
Domain controllers and Sites. Domain controllers are physical computers which is running Windows Server operating system and Active Directory data base. Sites are a network segment based on geographical location and which contains multiple domain controllers in each site.
Domains, Organizational Units, trees and forests are logical components of Active Directory.
Active Directory database is divided into different partitions such as Schema partition, Domain partition, and Configuration partition. Apart from these partitions, we can create Application partition based on the requirement.
Adding one group as a member of another group is called 'group nesting'. This will help for easy administration and reduced replication traffic.
Group types are categorized based on its nature. There are two group types: Security Groups and Distribution Groups. Security groups are used to apply permissions to resources where as distribution groups are used to create Exchange server email communication groups. Group scopes are categorized based on the usage. There are three group types: Domain Local Group, Global Group and Universal Group.
Domain local groups are mainly used for granting access to network resources.A Domain local group can contain accounts from any domain, global groups from any domain and universal groups from any domain. For example, if you want to grant permission to a printer located at Domain A, to 10 users from Domain B, then create a Global group in Domain B and add all 10 users into that Global group. Then, create a Domain local group at Domain A, and add Global group of Domain B to Domain local group of Domain A, then, add Domain local group of Domain A to the printer(of Domain A) security ACL.
Active Directory is backed up along with System State data. System state data includes Local registry, COM+, Boot files, NTDS.DIT and SYSVOL folder. System state can be backed up either using Microsoft's default NTBACKUP tool or third party tools such as Symantech NetBackup, IBM Tivoli Storage Manager etc.
There are two types of Active Directory restores, Authoritative restore and Non-Authoritative restore.
Non-Authoritative means, a normal restore of a single Domain controller in case that particular domain controller OS or hardware crashed. After non-authoritative restoration completed, compares its data base with peer domain controllers in the network and accepts all the directory changes that have been made since the backup. This is done through multi master replication.
Where as, in Authoritative restore, a restored data base of a Domain controller forcefully replicated to all the other domain controllers. Authoritative restore is performed to recover an active directory resource or object(eg. an Organizational Unit) which accidentally deleted and it needs to be restored.
We can use NTDSUTIL command line to perform Authoritative restore of Active Directory. First, start a
domain controller in 'Directory Service Restore Mode'. Then, restore the System State data of Domain controller using NTBACKUP tool. This is non-authoritative restore. Once non-authoritative restore is completed, we have to perform authoritative restore immediately before restarting the Domain Controller.
Open command prompt and type NTDSUTIL and enter, then type authoritative restore and press enter, then type restore database and press enter, click OK and then click Yes. This will restore all the data in authoritative restore mode. If you want to restore only a specific object or sub-tree, you can type below command instead of 'restore database'.
restore subtree ou=OU_Name,dc=Domain_Name,dc=xxx
Authoritative restore, Configurable settings, Partition management, Set DSRM Password etc.
A tombstone is a container object for deleted items from Active Directory database, even if objects are deleted, it will be kept hidden in the active directory data base for a specific period. This period is known as tombstone lifetime. Tombstone lifetime is 180 days on Windows Server 2003 SP1 and later versions of Windows Server.
Garbage collection is a process of Active Directory. This process starts by removing the remains of previously deleted objects from the database. These objects are known as tombstones. Then, the garbage collection process deletes unnecessary log files. And the process starts a defragmentation thread to claim additional free space. The garbage collection process is running on all the domain controllers in an interval of 12 hours.
In multimaster replication method, replication conflicts can happen. Objects with replication conflicts will be stored in a container called 'Lost and Found' container. This container also used to store orphaned user accounts and other objects.
Lost and Found container can be viewed by enabling advanced features from View menu of Active Directory User and Computers MMC.
Yes, it is included.
[Never say no] We had set up an additional domain for a new subsidiary of the firm, and I was a member of the team who handled installation and configuration of domain controllers for the sub domain.[or] I was supporting an existing Active Directory network environment of the company, but I have installed and configured Active Directory in test environment several occasions.
No one installs Active Directory in a cluster. There is no need of clustering a domain controller. Because Active Directory provides total redundancy with two or more servers.
Active Directory Recycle bin is a feature of Windows Server 2008 AD. It helps to restore accidentally deleted Active Directory objects without using a backed up AD database, rebooting domain controller or restarting any services.
Read only domain controller (RODC) is a feature of Windows Server 2008 Operating System. RODC is a read only copy of Active Directory database and it can be deployed in a remote branch office where physical security cannot be guaranteed. RODC provides more improved security and faster log on time for the branch office.
To find out forest and domain functional levels in GUI mode, open ADUC, right click on the domain name and take properties. Both domain and forest functional levels will be listed there. TO find out forest and domain functional levels, you can use DSQUERY command.
KCC can be expanded as Knowledge Consistency Checker. It is a protocol procecss running on all domain controllers, and it generates and maintains the replication topology for replication within sites and between sites.
We can use command line tools such as repadmin and dcdiag. GUI tool REPLMON can also be used for replication monitoring and troubleshooting.
SYSVOL is a folder exits on each domain controller, which contains Actvie Directory related files and folders. SYSVOL mainly stores important elements of Group Policy Objects and scripts, and it is being replicated among domain controllers using File Replication Service (FRS).
Kerberos is a network authentication protocol. Active Directory uses Kerberos for user and resource authentication and trust relationship functionality. Kerberos uses port number 88.
All versions of Windows Server Active Directory use Kerberos 5.
Kerberos 88, LDAP 389, DNS 53, SMB 445.
FQDN can be expanded as Fully Qualified Domain Name.It is a hierarchy of a domain name system which points to a device in the domain at its left most end. For example in system.
Dsadd - to add an object to the directory, Dsget - displays requested properties of an object in AD, Dsmove - Used to move one object from one location to another in the directory, DSquery - To query specific objects.
A tree in Active Directory is a collection of one or more domains which are interconnected and sharing global resources each other. If a tree has more than one domain, it will have contiguous namespace. When we add a new domain in an existing tree, it will be called a child domain.
A forest is a collection of one or more trees which trust each other and sharing a common schema.It also shares common configuration and global catalog. When a forest contains more than one tree, the trees will not form a contiguous namespace.
Replication between domain controllers inside a single site is called Intrasite replication, where as replication between domain controllers located in different sites is called Intersite replication. Intrasite replication will be very frequent, where as Intersite replication will be with specific interval and in a controlled fashion just to preserve network bandwidth.
Shortcut trust is a manually created transitive trust which is configured to enable fast and optimized authentication process.For example, If we create short cut trust between two domains of different trees, they can quickly authenticate each other without traveling through the entire parent domains. short cut trust can be either one-way or two-way.
Selective authentication is generally used in forest trust and external trusts. Selective authentication is a security setting which allows administrators to grant access to shared resources in their organization’s forest to a limited set of users in another organization’s forest. Selective authentication method can
decide which groups of users in a trusted forest can access shared resources in the trusting forest.
Trusts can be categorized by its nature. There can be two-way trust or one-way trust,implicit or explicit trust, transitive or non transitive trust. Trust can be categorized by types, such as parent and child, tree root trust, external trust, realm trust forest trust and shortcut trust.
ADAC- Active Directory Administrative Center is a new GUI tool came with Windows Server 2008 R2, which provides enhanced data management experience to the admin. ADAC helps administrators to perform common Active Directory object management task across multiple domains with the same ADAC instance.
ADSIEDIT- Active Directory Service Interfaces Editor is a GUI tool which is used to perform advanced AD object and attribute management. This Active Directory tool helps us to view objects and attributes that are not visible through normal Active Directory Management Consoles. ADSIEDIT can be downloaded and installed along with Windows Server 2003 Support Tools.
This is due to domain functional level. If domain functional level of Windows Server 2003 AD is Windows 2000 Mixed, Universal Group option will be greyed out. You need to raise domain functional level to Windows 2000 native or above.
ADMT - Active Directory Migration Tool, is a tool which is used for migrating Active Directory objects from one domain to another. ADMT is an effective tool that simplifies the process of migrating users, computers, and groups to new domains.
When a domain controller is disconnected for a period that is longer than the tombstone life time, one or more objects that are deleted from Active Directory on all other domain controllers may remain on the disconnected domain controller. Such objects are called lingering objects. Lingering objects can be removed from Windows Server 2003 or 2008 using REPADMIN utility.
The Global catalog is a container which contains a searchable partial replica of all objects from all domains of the forest, and full replica of all objects from the domain where it is situated. The global catalog is stored on domain controllers that have been designated as global catalog servers and is distributed through multimaster replication. Global catalogs are mostly used in multidomain, multisite and complex forest environment, where as Global catalog does not function in a single domain forest.
5 57. In a forest that contains only a single Active Directory domain, there is no harm in placing both GC and Infrastructure master in same DC, because Infrastructure master does not have any work to do in a single domain environment. But in a forest with multiple and complex domain structure, the infrastructure master should be located on a DC which is not a Global Catalog server. Because the global catalog server holds a partial replica of every object in the forest, the infrastructure master, if placed on a global catalog server, will never update anything, because it does not contain any references to objects that it does not hold.
58. Command line method: nslookup gc._msdcs.<forest root DNS Domain Name>, nltest /dsgetdc:corp /GC. GUI method: Open DNS management, and under ‘Forward Lookup Zone’, click on GC container. To check if a server is GC or not, go to Active Directory Sites and Services MMC and under ‘Servers’ folder, take properties of NTDS settings of the desired DC and find Global Catalog option is checked.
59. As per Microsoft, a single AD domain controller can create around 2.15 billion objects during its lifetime.
When a user enters a user name and password, the computer sends the user name to the KDC. The KDC contains a master database of unique long term keys for every principal in its realm. The KDC looks up the user's master key (KA), which is based on the user's password. The KDC then creates two items: a session key (SA) to share with the user and a Ticket-Granting Ticket (TGT). The TGT includes a second copy of the SA, the user name, and an expiration time. The KDC encrypts this ticket by using its own master key (KKDC), which only the KDC knows. The client computer receives the information from the KDC and runs the user's password through a one-way hashing function, which converts the password into the user's KA. The client computer now has a session key and a TGT so that it can securely communicate with the KDC. The client is now authenticated to the domain and is ready to access other resources in the domain by using the Kerberos protocol.
III. DNS interview Questions:
Windows DNS Server Interview Questions – Part 1
By admin | Published: June 26, 2012
What is the main purpose of a DNS server?
DNS servers are used to resolve FQDN hostnames into IP addresses and vice versa.
What is the port no of dns ?
53.
What is a Forward Lookup?
Resolving Host Names to IP Addresses.
What is Reverse Lookup?
It?s a file contains host names to IP mapping information.
What is a Resource Record?
It is a record provides the information about the resources available in the N/W infrastructure.
What are the diff. DNS Roles?
Standard Primary, Standard Secondary, & AD Integrated.
What is a Zone?
Zone is a sub tree of DNS database.
Secure services in your network require reverse name resolution to make it more difficult to launch successful attacks against the services. To set this up, you configure a reverse lookup zone and proceed to add records. Which record types do you need to create?
PTR Records
SOA records must be included in every zone. What are they used for ?
SOA records contain a TTL value, used by default in all resource records in the zone. SOA records contain the e-mail address of the person who is responsible for maintaining the zone. SOA records contain the current serial number of the zone, which is used in zone transfers.
By default, if the name is not found in the cache or local hosts file, what is the first step the client takes to resolve the FQDN name into an IP address ?
Performs a recursive search through the primary DNS server based on the network interface configuration .
What is primary, Secondary, stub & AD Integrated Zone?
Primary Zone: – zone which is saved as normal text file with filename (.dns) in DBS folder. Maintains a read, write copy of zone database.
Secondary Zone: – maintains a read only copy of zone database on another DNS server. Provides fault tolerance and load balancing by acting as backup server to primary server.
Stub zone: – contains a copy of name server and SOA records used for reducing the DNS search orders. Provides fault tolerance and load balancing.
How do you manually create SRV records in DNS?
This is on windows server go to run —> dnsmgmt.msc rightclick on the zone you want to add srv record to and choose “other new record” and choose service location(srv).
What is the main purpose of SRV records ?
SRV records are used in locating hosts that provide certain network services.
Before installing your first domain controller in the network, you installed a DNS server and created a zone, naming it as you would name your AD domain. However, after the installation of the domain controller, you are unable to locate infrastructure SRV records anywhere in the zone. What is the most likely cause of this failure ?
The zone you created was not configured to allow dynamic updates. The local interface on the DNS server was not configured to allow dynamic updates.
Which of the following conditions must be satisfied to configure dynamic DNS updates for legacy clients ?
The zone to be used for dynamic updates must be configured to allow dynamic updates. The DHCP server must support, and be configured to allow, dynamic updates for legacy clients.
At some point during the name resolution process, the requesting party received authoritative reply. Which further actions are likely to be taken after this reply ?
After receiving the authoritative reply, the resolution process is effectively over.
Name 3 benefits of using AD-integrated zones.
Active Directory integrated DNS enables Active Directory storage and replication of DNS zone databases. Windows 2000 DNS server, the DNS server that is included with Windows 2000 Server, accommodates storing zone data in Active Directory.
When you configure a computer as a DNS server, zones are usually stored as text files on name servers that is, all of the zones required by DNS are stored in a text file on the server computer.
These text files must be synchronized among DNS name servers by using a system that requires a separate replication topology and schedule called a zone transfer However, if you use Active Directory integrated DNS when you configure a domain controller as a DNS name server, zone data is stored as an Active Directory object and is replicated as part of domain replication.
IV. DHCP server Inter view Questions:
Windows Server DHCP Interview Questions
By admin | Published: July 3, 2012
Below is the list of Basic Windows Server DHCP Interview Questions asked in Interviews for the post of Windows System Administrator/ L1/L2/L3 Windows Support Engineer.
What is dhcp ?
Dynamic Host Configuration Protocol (DHCP) is a network protocol that enables a server to automatically assign an IP address to a computer from a defined range of numbers (i.e., a scope) configured for a given network.
What is the dhcp process for client machine?
1. A user turns on a computer with a DHCP client.
2. The client computer sends a broadcast request (called a DISCOVER or DHCPDISCOVER), looking for a DHCP server to answer.
3. The router directs the DISCOVER packet to the correct DHCP server.
4. The server receives the DISCOVER packet. Based on availability and usage policies set on the server, the server determines an appropriate address (if any) to give to the client. The server then temporarily reserves that address for the client and sends back to the client an OFFER (or DHCPOFFER) packet, with
that address information. The server also configures the client’s DNS servers, WINS servers, NTP servers, and sometimes other services as well.
5. The client sends a REQUEST (or DHCPREQUEST) packet, letting the server know that it intends to use the address.
6. The server sends an ACK (or DHCPACK) packet, confirming that the client has a been given a lease on the address for a server-specified period of time.
7.What is dhcp scope ?
DHCP scopes are used to define ranges of addresses from which a DHCP server can assign IP addresses to clients.
8.Types of scopes in windows dhcp ?
Normal Scope – Allows A, B and C Class IP address ranges to be specified including subnet masks, exclusions and reservations. Each normal scope defined must exist within its own subnet.
Multicast Scope – Used to assign IP address ranges for Class D networks. Multicast scopes do not have subnet masks, reservation or other TCP/IP options.
Multicast scope address ranges require that a Time To Live (TTL) value be specified (essentially the number of routers a packet can pass through on the way to its destination).
Superscope – Essentially a collection of scopes grouped together such that they can be enabled and disabled as a single entity.
9.What is Authorizing DHCP Servers in Active Directory ?
If a DHCP server is to operate within an Active Directory domain (and is not running on a domain controller) it must first be authorized.
This can be achieved either as part of the DHCP Server role installation, or subsequently using either DHCP console or at the command prompt using the netsh tool.
If the DHCP server was not authorized during installation, invoke the DHCP console (Start -> All Programs -> Administrative Tools -> DHCP),
right click on the DHCP to be authorized and select Authorize. To achieve the same result from the command prompt, enter the following command:
netsh dhcp server serverID initiate auth
In the above command syntax, serverID is replaced by the IP address or full UNC name of system on which the DHCP server is installed.
10.What ports are used by DHCP and the DHCP clients ?
Requests are on UDP port 68, Server replies on UDP 67 .
11.List some Benefits of using DHCP
DHCP provides the following benefits for administering your TCP/IP-based network:
Safe and reliable configuration.DHCP avoids configuration errors caused by the need to manually type in values at each computer. Also, DHCP helps prevent address conflicts caused by a previously assigned IP address being reused to configure a new computer on the network.
Reduces configuration management.
Using DHCP servers can greatly decrease time spent to configuring and reconfiguring computers on your network. Servers can be configured to supply a full range of additional configuration values when assigning address leases. These values are assigned using DHCP options. Also, the DHCP lease renewal process helps assure that where client configurations need to be updated often (such as users with mobile or portable computers who change locations frequently), these changes can be made efficiently and automatically by clients communicating directly with DHCP servers.
The following section covers issues that affect the use of the DHCP Server service with other services or network configurations. Using DNS servers with DHCP Using Routing and Remote Access servers with DHCP Multihomed DHCP servers.
11.Describe the process of installing a DHCP server in an AD infrastructure ?
Open Windows Components Wizard. Under Components , scroll to and click Networking Services. Click Details . Under Subcomponents of Networking Services , click Dynamic Host Configuration Protocol (DHCP) and then click OK .
Click Next . If prompted, type the full path to the Windows Server 2003 distribution files, and then click Next. Required files are copied to your hard disk.
12.How to authorize a DHCP server in Active Directory Open DHCP ?.
In the console tree, click DHCP
. On the Action menu, click Manage authorized servers.
. The Manage Authorized Servers dialog box appears. Click Authorize.
. When prompted, type the name or IP address of the DHCP server to be authorized, and then click OK.
13.What is DHCPINFORM?
DHCPInform is a DHCP message used by DHCP clients to obtain DHCP options. While PPP remote access clients do not use DHCP to obtain IP addresses for the remote access connection, Windows 2000 and Windows 98 remote access clients use the DHCPInform message to obtain DNS server IP addresses, WINS server IP addresses, and a DNS domain name.
The DHCPInform message is sent after the IPCP negotiation is concluded. The DHCPInform message received by the remote access server is then forwarded to a DHCP server. The remote access server forwards DHCPInform messages only if it has been configured with the DHCP Relay Agent.
14.Describe the integration between DHCP and DNS?
Traditionally, DNS and DHCP servers have been configured and managed one at a time. Similarly, changing authorization rights for a particular user on a group of devices has meant visiting each one and making configuration changes.
DHCP integration with DNS allows the aggregation of these tasks across devices, enabling a company’s network services to scale in step with the growth of network users, devices, and policies, while reducing administrative operations and costs. This integration provides practical operational efficiencies that lower total cost of ownership.
Creating a DHCP network automatically creates an associated DNS zone, for example, reducing the number of tasks required of network administrators. And integration of DNS and DHCP in the same database instance provides unmatched consistency between service and management views of IP address-centric network services data.
V.General HR Questions
Tell us a little bit about yourself.
What are your greatest strengths?
What are your greatest weaknesses?
What do you like about your current job or what did you like about your last job?
Give us an example of when you handled a stressful situation.
Give us an example of one of the toughest problems you had to face, and how did you deal with it?
Why do you think you should get this position?
Do you think you are the best person for this job? If so, why?
Why did you apply for this position?
Why did you apply for a position with our company and what do you know about us?
Why should we hire you?
Tell us about your short and long term goals?
Where do you see yourself five years from now?
Please explain, what does customer service mean to you? What does being a team player mean to you?
Give us an example of how you handled a conflict with another employee?
What are your salary expectations?
What would you consider your most important accomplishment?
How would you define success?
At your last review, what improvements did your manager suggest you make?
What would your coworkers say about you?
For Any More questions and details kindly please visit:
www.traininginchrompet.com