Upload
srivatsanece
View
214
Download
0
Embed Size (px)
Citation preview
7/27/2019 43655939-Interview-Faq.pdf
1/10
1. Whats MQPingused for? Testing Microsoft Message Queue services between
the nodes on a network.
2. What is a firewall?
3. Describe, genrally, how to manage a firewall
4. What is a Denial of Service attack?
5. What is a spoofed packet?
6. What is a SYN Flood?
7. What do you do if you are a victim of a DoS?
8. What is GPG/PGP?
9. What is SSH?
10. What is SSL? How do you create certificates?
11. What would you do if you discovered a UNIX or Network device on yournetwork has been compromised?
12. What would you do if you discovered a Windows system on your network hasbeen comrpromised?
13. What is DNS Hijacking?
14. What is a log host?
15. What is IDS or IDP, and can you give me an example of one?
16. Why are proxy servers useful?
17. What is web-caching?
1. What is the difference between layer 2 and layer 3 in the OSI model?
2. What is the difference between a hub, switch, and router?
3. What is a VLAN?4. What is the difference between TCP and UDP?
5. How do you distinguish a DNS problem from a network problem?
6. What is a runt, Giant, and collision?
7. What is a broadcast storm?
7/27/2019 43655939-Interview-Faq.pdf
2/10
8. What is the purpose of VRRP?
9. What is a VPN?
10. What information about a peer would I need to establish a VPN?
11. What is a full-class C in CIDR notation?
12. What is a default route?
13. What is a metric?
14. What is a MAC address?
15. What is ARP/RARP?
16. Describe a TCP connection sequence
17. What is MTU?
18. What other TCP setting can you modify besides MTU to shorten packets?
What new features are available in IIS 6.0?
A: There are many security features in IIS 6.0. The default installationof IIS 6.0 is "locked." Other new features include selectable
cryptographic services, advanced digest authentication, and
configurable access control of processes. To increase reliability IIS 6.0has a kernel mode HTTP service, dedicated application processes, and
a self-healing mechanism. It also supports Unicode support, metabaseconfiguration in XML rather than binary files and additional features set
to reduce the number of reboots required
What features are specifically missing for Windows Web Server
2003?A: Enterprise UDDI Services, Cluster Service, Internet Authentication
Service (IAS), Network Bridge, Internet Connection Sharing (ICS),Metadirectory Services Support (MSS), Remote Service, Services for
Macintosh, Removable and Remote Storage, Remote Installation
Services (RIS), Internet Connection Firewall, All Major ScalabilityFeatures (only included in Datacenter), Terminal Server and Terminal
Server Session Directory. Partially supported features are Public KeyInfrastructure, Certificate Services, and Smart Cards, Active Directory
and Virtual Private Network (VPN).
7/27/2019 43655939-Interview-Faq.pdf
3/10
1. How do you install recovery console?C:\i386\win32 /cmdcons,
assuming that your Win server installation is on drive C.
Whats new in Terminal Services for Windows 2003 Server? Supports audiotransmissions as well, although prepare for heavy network load
FSMO:
FSMO (Flexible Single Master Operations)
There are times when you may need to change the Domain
Controller which holds one of the 5 FSMO roles. Either you couldbe facing a disaster recovery where you have lost the first
Windows 2003 Domain Controller, or you are organized and want
to get the most out of your Active Directory Forest. Although yourarely need to deal with FSMO, there is the feeling that knowledge
of these Operation Masters is power over your Windows 2003Servers
Background of Operations Masters
For most Active Directory operations, Windows 2003 uses themultiple master model. The benefit is you can add a computer, or
change a user's password on any domain controller. For example,if you have three domain controllers, you can physically create a
new computer account in the NTDS.dit database on any of the
three. Within five minutes (15 seconds in Windows 2003), thenew computer object will be replicated to the other two domain
controllers.
Technically, the Microsoft multiple master model uses a changenotification mechanism. Occasionally problems arise if twoadministrators perform duplicate operations before the next
replication cycle. For example, you created an OU called Accounts
last week, today at the same instant you create new users in thatOU, another administrator on another DC, deletes that OU. Active
Directory does it's best to obey both administrators. It deletes theOU and creates the Users, but as it cannot create the Users in the
OU because it was deleted, the result is the users are added to theorphaned objects in the 'LostAndFound' folder. You can
troubleshoot what has happed by locating the 'LostAndFound'folder in Active Directory Users and Computers.
From the View Menu in Active Directory Users and Computer,
click: Advanced Features
7/27/2019 43655939-Interview-Faq.pdf
4/10
The Five FSMO Roles
There are just five operations where the usual multiple mastermodel breaks down, and the Active Directory task must only be
carried out on one Domain Controller.
1. PDC Emulator - Most famous for backwards compatibilitywith NT 4.0 BDC's. However, there are two other roles which
operate even in Windows 2003 Native Domains, synchronizingthe W32Time service and creating group policies. I admit that
it is confusing that these two jobs have little to do with PDCsand BDCs.
2. RID Master - Each object must have a globally unique
number (GUID). The RID master makes sure each domain
controller issues unique numbers when you create objects
such as users or computers. For example DC one is given Rids1-4999 and DC two is given Rids 5000 - 9999.
3. Infrastructure Master - Responsible for checking objectsin other other domains. Universal group membership is the
most important example. To me, it seems as though the
operating system is paranoid that, a) You are a member of aUniversal Group in another domain and b) that group has been
assigned Deny permissions. So if the Infrastructure mastercould not check your Universal Groups there could be a
security breach.
4. Domain Naming Master - Ensures that each child
domain has a unique name. How often do child domains getadded to the forest? Not very often I suggest, so the fact that
this is a FSMO does not impact on normal domain activity. Mypoint is it's worth the price to confine joining and leaving the
domain operations to one machine, and save the tiny risk ofgetting duplicate names or orphaned domains.
5. Schema Master - Operations that involve expanding userproperties e.g. Exchange 2003 / forest prep which adds
mailbox properties to users. Rather like the Domain namingmaster, changing the schema is a rare event. However if you
have a team of Schema Administrators all experimenting withobject properties, you would not want there to be a mistake
which crippled your forest. So its a case of Microsoft know
best, the Schema Master should be a Single Master Operation.
7/27/2019 43655939-Interview-Faq.pdf
5/10
Difference between Scope and Super Scope:
Unlessthey have change the GUI) you cannot create ascope "under a superscope" -- you create and add it tothe superscope.
If you understand the purpose of a superscope explicitlyit will make it clear when to use Superscopes.
First, a mental trick: Every time you hear the word superscope,mentally (out loud at first) add the word "GROUP" so it becomes"superscopeGROUP" - scopeGroup would have been a much
better name for this but that's not what the RFCs chose.
A superscope(group) is used when you have a MULTINET--more than one 'logical subnet' on the same 'physical subnet orsegment of wire'.
You want the DHCP server to service both subnets -- a scopeis related to ONE Subnet.
So create each scope (per logical subnet) and create asuperscopeGROUP
because you have a multinet -- add the scopes to the superscope...togroup them.
What are the differences between Windows 2000 Professional, Server,Advanced Server, and DataCenter?Windows 2000 comes in several versions. Windows 2000 Professional is adesktop operating system for workstations designed to replace Windows NTWorkstation and Windows 95/98 in corporate environments. It can support 2processors, as well as multiple monitors. Windows 2000 Server supports 4
processors and is designed to fill the role of typical domain controller, file andprint server, application server, and other common tasks. Windows 2000
Advanced Server is designed for high end mission critical platforms, supports 8processors, and includes support for 2 way server clustering. Windows 2000DataCenter Server goes even further than Advanced Server in that it can supportup to 32 processors, cascading failover among 4 nodes, and 32 node networkload balancing.
7/27/2019 43655939-Interview-Faq.pdf
6/10
How much difference is there between Windows 2000 and Windows NT4.0?Even though Windows 2000 is built on the Windows NT architecture, Microsofthas added many new features (Plug and Play, USB support, Recovery Console,IntelliMirror, Group Policy, Active Directory, integration of IIS and Terminal
Services) and redesigned many of the management tools (MMC, DiskAdministration, ADSI). If you are already familiar with Windows NT, you'll have aneasier time getting used to Windows 2000 but there is still a lot to learn.
What is the difference between Windows 95/98/Me and Windows 2000?Windows 98 and Windows Me are based on the popular Microsoft Windows 95Operating System, and are designed for the consumer market. Windows 95/98were designed for backward compatibility with older DOS and 16bit programs, aswell as providing a platform for the newer (back in 1995) 32 bit programs.
Although many companies use both Windows 95 and Windows 98, theseOperating Systems lack the security and stability of Windows NT/2000. However,
Windows 95/98/Me is compatible with more software (including games) andhardware. It is important to remember that Windows 2000 is designed for thecorporate environment, and not the average home user.
What is the difference between UNIX and Windows 2000?UNIX is a much older Operating System that was designed in the 1960's. Itbegan as an open source project that became widely used in Universities,scientific labs, and by the U.S. government. Over the years, hundreds of talentedprogrammers contributed their own improvements to Unix making it extremelyrobust, stable, and fast. However, UNIX can be difficult to learn and isn't aswidely supported as Microsoft Windows. For information regarding UNIX vs.
Windows NT/2000 in corporate and academic environments,
Kerberos:
Kerberos is a network authentication protocol. It is designed to provide strongauthentication for client/server applications by using secret-key cryptography. A free
implementation of this protocol is available from the Massachusetts Institute of
Technology. Kerberos is available in many commercial products as well.
The Internet is an insecure place. Many of the protocols used in the Internet do not
provide any security. Tools to "sniff" passwords off of the network are in common use by
systems crackers. Thus, applications which send an unencrypted password over the
network are extremely vulnerable. Worse yet, other client/server applications rely on theclient program to be "honest" about the identity of the user who is using it. Other
applications rely on the client to restrict its activities to those which it is allowed to do,
with no other enforcement by the server.
Some sites attempt to use firewalls to solve their network security problems.
Unfortunately, firewalls assume that "the bad guys" are on the outside, which is often avery bad assumption. Most of the really damaging incidents of computer crime are
7/27/2019 43655939-Interview-Faq.pdf
7/10
carried out by insiders. Firewalls also have a significant disadvantage in that they restrict
how your users can use the Internet. (After all, firewalls are simply a less extreme
example of the dictum that there is nothing more secure then a computer which is notconnected to the network --- and powered off!) In many places, these restrictions are
simply unrealistic and unacceptable.
Kerberos was created by MIT as a solution to these network security problems. The
Kerberos protocol uses strong cryptography so that a client can prove its identity to a
server (and vice versa) across an insecure network connection. After a client and serverhave used Kerberos to prove their identity, they can also encrypt all of their
communications to assure privacy and data integrity as they go about their business.
Kerberos is freely available from MIT, under a copyright permission notice very similarto the one used for the BSD operating and X11 Windowing system. MIT provides
Kerberos in source form, so that anyone who wishes to use it may look over the code for
themselves and assure themselves that the code is trustworthy. In addition, for those whoprefer to rely on a professional supported product, Kerberos is available as a product
from many different vendors.
In summary, Kerberos is a solution to your network security problems. It provides the
tools of authentication and strong cryptography over the network to help you secure your
information systems across your entire enterprise. We hope you find Kerberos as usefulas it has been to us. At MIT, Kerberos has been invaluable to our
Information/Technology architecture.
------------------------------------------------------------
Exchange server
Distribution list:
A distribution list is a group of e-mail addresses, usually grouped under a single e-mail
address. When you send to a distribution list, you're really sending to everyone whose
address is included in the list. It's much easier than picking 30 different addresses fromthe Address Book.
Routing Groups:
Exchange 2003 can easily route both internal and external email. For routing email
within your Exchange Organization, the best choice is a Routing Group Connector; while
7/27/2019 43655939-Interview-Faq.pdf
8/10
internet email is best served by an SMTP connector. X.400 Connectors are used to
transfer email between Exchange and older types of email systems
Exchange Database (.edb)
Exchange Streaming Database (.stm)
ESEUTIL utilityYou can use the Eseutil utility to defragment the information store and
directory in Microsoft Exchange Server 5.5 and to defragment theinformation store in Microsoft Exchange 2000 Server and in MicrosoftExchange Server 2003. Eseutil examines the structure of the database tablesand records (which can include reading, scanning, repairing, and
defragmenting) the low level of the database (Ese.dll).
Eseutil is located in the Winnt\System32 folder in Exchange Server 5.5 and inthe Exchsrvr/Bin folder in Exchange 2000 and in Exchange 2003. The utility
can run on one database at a time from the command line.
Isinteg (Microsoft Exchange Information Store Integrity Checker)
You can use the Isinteg.exe tool to check and to fix the integrity of the information
store databases including the private information store, Priv.edb, and the publicinformation store, Pub.edb.
MIME (Multipurpose Internet Mail Extensions)
Short forMultipurpose InternetMailExtensions, a specification for formatting non-
ASCII messages so that they can be sent over the Internet. Manye-mail clients nowsupport MIME, which enables them to send and receive graphics, audio, and video files
via the Internet mail system. In addition, MIME supports messages incharacter sets other
than ASCII.
MAPI (Messaging Application Programming Interface)
MAPI = Messaging Application Programming Interface, the heart of Microsoft's
messaging programs. Extended MAPI serves three main purposes:
It's the programming interface used to write components that connect todifferent mail servers, provide access to custom address books andprovide rich storage facilities -- in other words, the components that youcan add through see on the Tools | Services dialog in Outlook.
You can use MAPI to develop new types of custom forms, not based on the built-inOutlook forms.
http://www.webopedia.com/TERM/M/ASCII.htmlhttp://www.webopedia.com/TERM/M/Internet.htmlhttp://www.webopedia.com/TERM/M/e_mail_client.htmlhttp://www.webopedia.com/TERM/M/e_mail_client.htmlhttp://www.webopedia.com/TERM/M/MIME.html#%23http://www.webopedia.com/TERM/M/MIME.html#%23http://www.webopedia.com/TERM/M/MIME.html#%23http://www.webopedia.com/TERM/M/MIME.html#%23http://www.webopedia.com/TERM/M/character_set.htmlhttp://www.webopedia.com/TERM/M/character_set.htmlhttp://www.webopedia.com/TERM/M/ASCII.htmlhttp://www.webopedia.com/TERM/M/Internet.htmlhttp://www.webopedia.com/TERM/M/e_mail_client.htmlhttp://www.webopedia.com/TERM/M/MIME.html#%23http://www.webopedia.com/TERM/M/MIME.html#%23http://www.webopedia.com/TERM/M/MIME.html#%23http://www.webopedia.com/TERM/M/MIME.html#%23http://www.webopedia.com/TERM/M/character_set.html7/27/2019 43655939-Interview-Faq.pdf
9/10
You can create addins for Outlook, Exchange and Windows Messaging that extend thefunctionality of those clients.
Security accounts Manager (SAM)
Windows NT stores user information in the Security accountsManager (SAM)database. Specifically, encrypted passwords are stored inthe SAM._ fileof the NT Registry, in the systemroot directory (The NTResgistry is adatabase of information replacing the .ini files used in
the Windows 3.Xenvironment). Passwords are encrypted by a two partprocess when stored inthe NT registry. First, passwords are hashed using the RSAMD4 scheme,then they are further obfuscated using DES encryption.Typically, accessto the NT Registry is limited to the Administrator account.However, aback-up copy of the SAM._ file is normally created wheneverthe Emergency
Repair Disk is updated and is stored in %systemroot%\repair\SAM._. Thegroup "Everyone" has Read permission by default on thisback-up copy ofSAM._. As a result, "Everyone" has the potential to obtainor copy theencrypted password file.
DHCP Relay Agent
If you have routers separating some of your DHCP clients from the DHCP serveryou may have problems if they are not RFC compliant. This can be solved by
placing a DHCP relay agent on the local network area which is not actually aDHCP server which communicates on behalf of the DHCP Server. The DHCPRelay Agent must be a Windows NT Server computer.
1. On the NT Server log on as an Administrator
2. Start the Network control panel applet (Start - Settings - Control Panel -Network)
7/27/2019 43655939-Interview-Faq.pdf
10/10
3. Click the Services tab and click Add
4. Select "DHCP Relay Agent" and click OK
5. Type the path of the files (e.g. d:\i386) and click OK
6. You will be asked if you wish to add IP address to the DHCP servers list,click Yes
7. Click the DHCP relay tab and click Add
8. In the DHCP Server field enter the IP address of the DHCP Server andclick Add
9. Click OK
10.Restart the computer
DHCP Lease Process:
A DHCP-enabled client obtains a lease for an IP address from a
DHCP server. Before the lease expires, the DHCP server mustrenew the lease for the client or the client must obtain a new
lease. Leases are retained in the DHCP server databaseapproximately one day after expiration. This grace period protects
a client's lease in case the client and server are in different time
zones, their internal clocks are not synchronized, or the client is offthe network when the lease expires