43655939-interview-faq.pdf

Upload: srivatsanece

Post on 14-Apr-2018


  • 7/27/2019 43655939-Interview-Faq.pdf

    1/10

    1. What's MQPing used for? Testing Microsoft Message Queue services between the nodes on a network.

    2. What is a firewall?

    3. Describe, generally, how to manage a firewall.

    4. What is a Denial of Service attack?

    5. What is a spoofed packet?

    6. What is a SYN Flood?

    7. What do you do if you are a victim of a DoS?

    8. What is GPG/PGP?

    9. What is SSH?

    10. What is SSL? How do you create certificates?

    11. What would you do if you discovered a UNIX or network device on your network has been compromised?

    12. What would you do if you discovered a Windows system on your network has been compromised?

    13. What is DNS Hijacking?

    14. What is a log host?

    15. What is IDS or IDP, and can you give me an example of one?

    16. Why are proxy servers useful?

    17. What is web-caching?

    1. What is the difference between layer 2 and layer 3 in the OSI model?

    2. What is the difference between a hub, switch, and router?

    3. What is a VLAN?

    4. What is the difference between TCP and UDP?

    5. How do you distinguish a DNS problem from a network problem?

    6. What is a runt, Giant, and collision?

    7. What is a broadcast storm?


    8. What is the purpose of VRRP?

    9. What is a VPN?

    10. What information about a peer would I need to establish a VPN?

    11. What is a full-class C in CIDR notation?

    12. What is a default route?

    13. What is a metric?

    14. What is a MAC address?

    15. What is ARP/RARP?

    16. Describe a TCP connection sequence

    17. What is MTU?

    18. What other TCP setting can you modify besides MTU to shorten packets?

    What new features are available in IIS 6.0?

    A: There are many security features in IIS 6.0. The default installation of IIS 6.0 is "locked." Other new features include selectable cryptographic services, advanced digest authentication, and configurable access control of processes. To increase reliability, IIS 6.0 has a kernel-mode HTTP service, dedicated application processes, and a self-healing mechanism. It also has Unicode support, metabase configuration in XML rather than binary files, and an additional feature set to reduce the number of reboots required.

    What features are specifically missing for Windows Web Server 2003?

    A: Enterprise UDDI Services, Cluster Service, Internet Authentication Service (IAS), Network Bridge, Internet Connection Sharing (ICS), Metadirectory Services Support (MSS), Remote Service, Services for Macintosh, Removable and Remote Storage, Remote Installation Services (RIS), Internet Connection Firewall, All Major Scalability Features (only included in Datacenter), Terminal Server and Terminal Server Session Directory. Partially supported features are Public Key Infrastructure, Certificate Services, and Smart Cards, Active Directory and Virtual Private Network (VPN).


    1. How do you install recovery console? C:\i386\winnt32 /cmdcons, assuming that your Win server installation is on drive C.

    What's new in Terminal Services for Windows 2003 Server? Supports audio transmissions as well, although prepare for heavy network load.

    FSMO:

    FSMO (Flexible Single Master Operations)

    There are times when you may need to change the Domain Controller which holds one of the 5 FSMO roles. Either you could be facing a disaster recovery where you have lost the first Windows 2003 Domain Controller, or you are organized and want to get the most out of your Active Directory Forest. Although you rarely need to deal with FSMO, there is the feeling that knowledge of these Operation Masters is power over your Windows 2003 Servers.

    Background of Operations Masters

    For most Active Directory operations, Windows 2003 uses the multiple master model. The benefit is you can add a computer, or change a user's password, on any domain controller. For example, if you have three domain controllers, you can physically create a new computer account in the NTDS.dit database on any of the three. Within five minutes (15 seconds in Windows 2003), the new computer object will be replicated to the other two domain controllers.

    Technically, the Microsoft multiple master model uses a change notification mechanism. Occasionally problems arise if two administrators perform duplicate operations before the next replication cycle. For example, you created an OU called Accounts last week; today, at the same instant you create new users in that OU, another administrator on another DC deletes that OU. Active Directory does its best to obey both administrators. It deletes the OU and creates the Users, but as it cannot create the Users in the OU because it was deleted, the result is that the users are added to the orphaned objects in the 'LostAndFound' folder. You can troubleshoot what has happened by locating the 'LostAndFound' folder in Active Directory Users and Computers.

    From the View menu in Active Directory Users and Computers, click: Advanced Features


    The Five FSMO Roles

    There are just five operations where the usual multiple master model breaks down, and the Active Directory task must only be carried out on one Domain Controller.

    1. PDC Emulator - Most famous for backwards compatibility with NT 4.0 BDCs. However, there are two other roles which operate even in Windows 2003 Native Domains: synchronizing the W32Time service and creating group policies. I admit that it is confusing that these two jobs have little to do with PDCs and BDCs.

    2. RID Master - Each object must have a globally unique number (GUID). The RID master makes sure each domain controller issues unique numbers when you create objects such as users or computers. For example, DC one is given RIDs 1 - 4999 and DC two is given RIDs 5000 - 9999.

    3. Infrastructure Master - Responsible for checking objects in other domains. Universal group membership is the most important example. To me, it seems as though the operating system is paranoid that a) you are a member of a Universal Group in another domain and b) that group has been assigned Deny permissions. So if the Infrastructure Master could not check your Universal Groups there could be a security breach.

    4. Domain Naming Master - Ensures that each child domain has a unique name. How often do child domains get added to the forest? Not very often, I suggest, so the fact that this is a FSMO does not impact on normal domain activity. My point is it's worth the price to confine joining and leaving the domain operations to one machine, and save the tiny risk of getting duplicate names or orphaned domains.

    5. Schema Master - Operations that involve expanding user properties, e.g. Exchange 2003 / forest prep, which adds mailbox properties to users. Rather like the Domain Naming Master, changing the schema is a rare event. However, if you have a team of Schema Administrators all experimenting with object properties, you would not want there to be a mistake which crippled your forest. So it's a case of Microsoft knows best: the Schema Master should be a Single Master Operation.


    Difference between Scope and Super Scope:

    (Unless they have changed the GUI) you cannot create a scope "under a superscope" -- you create and add it to the superscope.

    If you understand the purpose of a superscope explicitly, it will make it clear when to use superscopes.

    First, a mental trick: every time you hear the word superscope, mentally (out loud at first) add the word "GROUP" so it becomes "superscopeGROUP" - scopeGroup would have been a much better name for this but that's not what the RFCs chose.

    A superscope(group) is used when you have a MULTINET -- more than one 'logical subnet' on the same 'physical subnet or segment of wire'.

    You want the DHCP server to service both subnets -- a scope is related to ONE subnet.

    So create each scope (per logical subnet) and create a superscopeGROUP because you have a multinet -- add the scopes to the superscope... to group them.

    What are the differences between Windows 2000 Professional, Server, Advanced Server, and DataCenter?

    Windows 2000 comes in several versions. Windows 2000 Professional is a desktop operating system for workstations designed to replace Windows NT Workstation and Windows 95/98 in corporate environments. It can support 2 processors, as well as multiple monitors. Windows 2000 Server supports 4 processors and is designed to fill the role of typical domain controller, file and print server, application server, and other common tasks. Windows 2000 Advanced Server is designed for high end mission critical platforms, supports 8 processors, and includes support for 2 way server clustering. Windows 2000 DataCenter Server goes even further than Advanced Server in that it can support up to 32 processors, cascading failover among 4 nodes, and 32 node network load balancing.


    How much difference is there between Windows 2000 and Windows NT 4.0?

    Even though Windows 2000 is built on the Windows NT architecture, Microsoft has added many new features (Plug and Play, USB support, Recovery Console, IntelliMirror, Group Policy, Active Directory, integration of IIS and Terminal Services) and redesigned many of the management tools (MMC, Disk Administration, ADSI). If you are already familiar with Windows NT, you'll have an easier time getting used to Windows 2000 but there is still a lot to learn.

    What is the difference between Windows 95/98/Me and Windows 2000?

    Windows 98 and Windows Me are based on the popular Microsoft Windows 95 Operating System, and are designed for the consumer market. Windows 95/98 were designed for backward compatibility with older DOS and 16 bit programs, as well as providing a platform for the newer (back in 1995) 32 bit programs. Although many companies use both Windows 95 and Windows 98, these Operating Systems lack the security and stability of Windows NT/2000. However, Windows 95/98/Me is compatible with more software (including games) and hardware. It is important to remember that Windows 2000 is designed for the corporate environment, and not the average home user.

    What is the difference between UNIX and Windows 2000?

    UNIX is a much older Operating System that was designed in the 1960's. It began as an open source project that became widely used in Universities, scientific labs, and by the U.S. government. Over the years, hundreds of talented programmers contributed their own improvements to Unix making it extremely robust, stable, and fast. However, UNIX can be difficult to learn and isn't as widely supported as Microsoft Windows. For information regarding UNIX vs. Windows NT/2000 in corporate and academic environments,

    Kerberos:

    Kerberos is a network authentication protocol. It is designed to provide strong authentication for client/server applications by using secret-key cryptography. A free implementation of this protocol is available from the Massachusetts Institute of Technology. Kerberos is available in many commercial products as well.

    The Internet is an insecure place. Many of the protocols used in the Internet do not provide any security. Tools to "sniff" passwords off of the network are in common use by systems crackers. Thus, applications which send an unencrypted password over the network are extremely vulnerable. Worse yet, other client/server applications rely on the client program to be "honest" about the identity of the user who is using it. Other applications rely on the client to restrict its activities to those which it is allowed to do, with no other enforcement by the server.

    Some sites attempt to use firewalls to solve their network security problems. Unfortunately, firewalls assume that "the bad guys" are on the outside, which is often a very bad assumption. Most of the really damaging incidents of computer crime are carried out by insiders. Firewalls also have a significant disadvantage in that they restrict how your users can use the Internet. (After all, firewalls are simply a less extreme example of the dictum that there is nothing more secure than a computer which is not connected to the network --- and powered off!) In many places, these restrictions are simply unrealistic and unacceptable.

    Kerberos was created by MIT as a solution to these network security problems. The Kerberos protocol uses strong cryptography so that a client can prove its identity to a server (and vice versa) across an insecure network connection. After a client and server have used Kerberos to prove their identity, they can also encrypt all of their communications to assure privacy and data integrity as they go about their business.

    Kerberos is freely available from MIT, under a copyright permission notice very similar to the one used for the BSD operating system and the X11 windowing system. MIT provides Kerberos in source form, so that anyone who wishes to use it may look over the code for themselves and assure themselves that the code is trustworthy. In addition, for those who prefer to rely on a professionally supported product, Kerberos is available as a product from many different vendors.

    In summary, Kerberos is a solution to your network security problems. It provides the tools of authentication and strong cryptography over the network to help you secure your information systems across your entire enterprise. We hope you find Kerberos as useful as it has been to us. At MIT, Kerberos has been invaluable to our Information/Technology architecture.

    ------------------------------------------------------------

    Exchange server

    Distribution list:

    A distribution list is a group of e-mail addresses, usually grouped under a single e-mail address. When you send to a distribution list, you're really sending to everyone whose address is included in the list. It's much easier than picking 30 different addresses from the Address Book.

    Routing Groups:

    Exchange 2003 can easily route both internal and external email. For routing email within your Exchange Organization, the best choice is a Routing Group Connector, while internet email is best served by an SMTP connector. X.400 Connectors are used to transfer email between Exchange and older types of email systems.

    Exchange Database (.edb)

    Exchange Streaming Database (.stm)

    ESEUTIL utility

    You can use the Eseutil utility to defragment the information store and directory in Microsoft Exchange Server 5.5 and to defragment the information store in Microsoft Exchange 2000 Server and in Microsoft Exchange Server 2003. Eseutil examines the structure of the database tables and records (which can include reading, scanning, repairing, and defragmenting) the low level of the database (Ese.dll).

    Eseutil is located in the Winnt\System32 folder in Exchange Server 5.5 and in the Exchsrvr/Bin folder in Exchange 2000 and in Exchange 2003. The utility can run on one database at a time from the command line.

    Isinteg (Microsoft Exchange Information Store Integrity Checker)

    You can use the Isinteg.exe tool to check and to fix the integrity of the information store databases including the private information store, Priv.edb, and the public information store, Pub.edb.

    MIME (Multipurpose Internet Mail Extensions)

    Short for Multipurpose Internet Mail Extensions, a specification for formatting non-ASCII messages so that they can be sent over the Internet. Many e-mail clients now support MIME, which enables them to send and receive graphics, audio, and video files via the Internet mail system. In addition, MIME supports messages in character sets other than ASCII.

    MAPI (Messaging Application Programming Interface)

    MAPI = Messaging Application Programming Interface, the heart of Microsoft's messaging programs. Extended MAPI serves three main purposes:

    It's the programming interface used to write components that connect to different mail servers, provide access to custom address books and provide rich storage facilities -- in other words, the components that you can add through the Tools | Services dialog in Outlook.

    You can use MAPI to develop new types of custom forms, not based on the built-in Outlook forms.


    You can create add-ins for Outlook, Exchange and Windows Messaging that extend the functionality of those clients.

    Security accounts Manager (SAM)

    Windows NT stores user information in the Security Accounts Manager (SAM) database. Specifically, encrypted passwords are stored in the SAM._ file of the NT Registry, in the systemroot directory (the NT Registry is a database of information replacing the .ini files used in the Windows 3.X environment). Passwords are encrypted by a two-part process when stored in the NT Registry. First, passwords are hashed using the RSA MD4 scheme, then they are further obfuscated using DES encryption. Typically, access to the NT Registry is limited to the Administrator account. However, a back-up copy of the SAM._ file is normally created whenever the Emergency Repair Disk is updated and is stored in %systemroot%\repair\SAM._. The group "Everyone" has Read permission by default on this back-up copy of SAM._. As a result, "Everyone" has the potential to obtain or copy the encrypted password file.
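    An audit check for the exposure described above, added here as an example and not part of the original FAQ. It assumes PowerShell is available on the host being audited; the function name Get-BroadReadAce is hypothetical, and checking Authenticated Users and BUILTIN\Users in addition to "Everyone" goes beyond what the text states.

```powershell
# Added example: report broad groups that are allowed to read the SAM backup.
# The default path is the one given in the text; pass another path if the
# backup has a different file name on the system being audited.
function Get-BroadReadAce {
    param(
        [string]$Path = (Join-Path $env:SystemRoot 'repair\SAM._')
    )

    # Well-known SIDs are used instead of names so the check also works on
    # localized systems. Only "Everyone" is named in the text; the other two
    # are an assumption about which groups count as too broad.
    $broadSids = @{
        'S-1-1-0'      = 'Everyone'
        'S-1-5-11'     = 'Authenticated Users'
        'S-1-5-32-545' = 'BUILTIN\Users'
    }
    $readData = [System.Security.AccessControl.FileSystemRights]::ReadData

    if (-not (Test-Path -LiteralPath $Path)) {
        Write-Verbose "No file at $Path"
        return
    }

    foreach ($ace in (Get-Acl -LiteralPath $Path).Access) {
        # Deny entries do not grant access, so skip them.
        if ($ace.AccessControlType -ne 'Allow') { continue }

        try {
            $sid = $ace.IdentityReference.Translate(
                [System.Security.Principal.SecurityIdentifier]).Value
        } catch {
            continue   # account cannot be resolved, so it is not a broad group
        }

        $canRead = ($ace.FileSystemRights -band $readData) -eq $readData
        if ($broadSids.ContainsKey($sid) -and $canRead) {
            [pscustomobject]@{
                Path      = $Path
                Principal = $broadSids[$sid]
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

# Any row in the output means a broad group can read the password-hash backup.
Get-BroadReadAce | Format-Table -AutoSize
```

    If a row is returned, restrict the file's ACL to Administrators and SYSTEM and re-run the check.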

    DHCP Relay Agent

    If you have routers separating some of your DHCP clients from the DHCP server, you may have problems if they are not RFC compliant. This can be solved by placing a DHCP relay agent on the local network area, which is not actually a DHCP server but communicates on behalf of the DHCP Server. The DHCP Relay Agent must be a Windows NT Server computer.

    1. On the NT Server log on as an Administrator

    2. Start the Network control panel applet (Start - Settings - Control Panel - Network)


    3. Click the Services tab and click Add

    4. Select "DHCP Relay Agent" and click OK

    5. Type the path of the files (e.g. d:\i386) and click OK

    6. You will be asked if you wish to add IP address to the DHCP servers list, click Yes

    7. Click the DHCP relay tab and click Add

    8. In the DHCP Server field enter the IP address of the DHCP Server and click Add

    9. Click OK

    10. Restart the computer

    DHCP Lease Process:

    A DHCP-enabled client obtains a lease for an IP address from a DHCP server. Before the lease expires, the DHCP server must renew the lease for the client or the client must obtain a new lease. Leases are retained in the DHCP server database approximately one day after expiration. This grace period protects a client's lease in case the client and server are in different time zones, their internal clocks are not synchronized, or the client is off the network when the lease expires.