Thursday, September 12, 2013

Active Directory - Part 3

71. What is RSoP?
RSoP (Resultant Set of Policy) is the sum of the group policies applied to a user or computer. RSoP queries can be generated by three tools:
  • Resultant Set of Policy wizard
  • Gpresult command-line tool
  • Advanced system information policy tool
What are the modes used by the RSoP wizard?
Logging mode and planning mode


Logging mode: It lets you review the existing GPO settings, software installation applications and security for the computer or user account. It can be used to
  • Find failed or overwritten policy settings
  • See how security groups affect policy settings
  • Find out how local policy is affecting group policies

Planning mode: It lets you plan for growth and reorganization. Using RSoP planning mode we can poll existing GPOs for policy settings, software installation applications and security.

72. What are the Group Policy troubleshooting tools?

  • RSoP wizard
  • Gpresult
  • Gpupdate
  • Event viewer
  • Log files

What is software installation extension?

The software installation extension in the Group Policy Object Editor console is the key administrative tool for deploying software. It allows administrators to centrally manage
  • Initial deployment of software
  • Applying patches and updates
  • Removal of the software

1. How do you assign and publish applications in Group Policy?
Through Group Policy you can assign and publish applications by creating an .msi package for the application.
  • With the Assign option you can apply the policy to both users and computers. If it is applied to a computer, the policy applies to any user who logs on to that computer. If it is applied to a user, it applies wherever that user logs on to the domain. The application appears in the Start menu under Programs. When the user clicks the shortcut or opens a document with an associated file extension, the application is installed on the local machine. If any of the application's program files are missing, it is repaired automatically.
  • With the Publish option you can apply the policy only to users. The application is not reinstalled automatically when its program files are corrupted or deleted.
  
72. What are the commonly used types of RAID?

RAID 0, RAID 1 and RAID 5

75. What is the difference between OU and Group?
A group is an authenticated set of users classified by common traits such as job title or customer profile. Groups are also associated with a set of roles, and every user that is a member of a group inherits all the roles assigned to that group.
An OU is a container used to organize objects within a domain into logical administrative groups. An OU can contain objects such as user accounts, groups, computers, printers, applications, file shares, and other OUs.
There are three reasons for defining an OU:
  • To delegate administration: we can add OUs to other OUs to form a hierarchy of administrative control.
  • To administer group policy: group policies can be linked to OUs.
  • To hide objects: to hide some objects from certain users.
76. What is DFS?

The Distributed File System, or DFS, allows shares in multiple different locations to be logically grouped under one folder, or DFS root. When users try to access a share that exists off the DFS root, the user is really looking at a DFS link and the DFS server transparently redirects them to the correct file server and share. A DFS root can only exist on a Windows 2000 version that is part of the server family, and only one DFS root can exist on that server.
77. What is EFS?

The Encrypting File System (EFS) is a file system with file system-level encryption available in Microsoft's Windows 2000, Windows XP Professional Edition, Windows Server 2003, and now Windows Media Center 2005 operating systems. The technology transparently allows files to be stored encrypted on NTFS file systems to protect confidential data from attackers with physical access to the computer.
78. How many DFS roots can be configured in Windows 2000? One, but in Windows Server 2003 more than one root is possible.

79. What is Remote Desktop Protocol? Remote Desktop Protocol (RDP) is a multi-channel protocol that allows a user to connect to a computer running Microsoft Terminal Services.

80. What is nslookup? It is a command-line tool that lets you perform query testing of DNS servers and obtain detailed responses at the command prompt.
81. What are the different types of backups?

Normal

During a normal backup, all selected files and folders are backed up. A normal backup does not rely on markers to determine which files to back up. During a normal backup any existing marks are cleared and each file is marked as having been backed up. Normal backups speed up the restore process because the backup files are the most current and you do not need to restore multiple backup jobs.

Copy

During a copy backup, all selected files and folders are backed up. It neither looks for nor clears markers. If you do not want to clear markers and affect other backup types, use a copy backup. For example, use a copy backup between a normal and an incremental backup to create an archival snapshot of network data.

Incremental

During an incremental backup, only selected files and folders that have a marker are backed up, and then the backup clears markers. Because an incremental backup clears markers, if you did two consecutive incremental backups on a file and nothing changed in the file, the file would not be backed up the second time.

Differential

During a differential backup, only selected files and folders that have a marker are backed up, but the backup does not clear markers. Because a differential backup does not clear markers, if you did two consecutive differential backups on a file and nothing changed in the file, the entire file would be backed up each time.

Daily

During a daily backup, all selected files and folders that have changed during the day are backed up. This backup neither looks for nor clears markers. If you want to back up all files and folders that change during the day, use a daily backup.
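The marker rules of the five backup types can be checked with a small model. This is an added example, not code from the original post; the `File` class, the `backup`, `modify` and `week` functions, the file names and the dates are all constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date

@dataclass
class File:
    name: str
    modified: date
    marker: bool = True   # archive marker: set whenever the file changes

def modify(f, day):
    """Changing a file sets its marker and updates its modification date."""
    f.marker = True
    f.modified = day

def backup(files, kind, today):
    """Run one backup job; return the names it copied and update markers."""
    if kind in ("normal", "copy"):
        selected = list(files)                       # ignores markers
    elif kind in ("incremental", "differential"):
        selected = [f for f in files if f.marker]    # marked files only
    elif kind == "daily":
        selected = [f for f in files if f.modified == today]
    else:
        raise ValueError(f"unknown backup type: {kind}")
    if kind in ("normal", "incremental"):            # only these clear markers
        for f in selected:
            f.marker = False
    return [f.name for f in selected]

def week():
    """Constructed scenario: one normal backup followed by mixed jobs."""
    mon, tue, wed = date(2013, 9, 9), date(2013, 9, 10), date(2013, 9, 11)
    files = [File("a.doc", mon), File("b.xls", mon), File("c.txt", mon)]
    log = {"mon normal": backup(files, "normal", mon)}
    modify(files[0], tue)
    log["tue differential"] = backup(files, "differential", tue)
    modify(files[1], wed)
    log["wed differential"] = backup(files, "differential", wed)
    log["wed copy"] = backup(files, "copy", wed)
    log["wed daily"] = backup(files, "daily", wed)
    log["wed incremental"] = backup(files, "incremental", wed)
    log["wed incremental again"] = backup(files, "incremental", wed)
    return log

if __name__ == "__main__":
    for job, names in week().items():
        print(f"{job:24} {names}")
```

The Wednesday differential still contains a.doc from Tuesday because differential jobs leave markers set, so a restore needs only the normal backup plus the latest differential.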
82. Explain booting process?

Preboot Sequence

During startup, a computer running Windows XP Professional initializes and then locates the boot portion of the hard disk.
The following four steps occur during the preboot sequence:
  1. The computer runs power-on self test (POST) routines to determine the amount of physical memory, whether the hardware components are present, and so on. If the computer has a Plug and Play BIOS, enumeration and configuration of hardware devices occurs at this stage.
  2. The computer BIOS locates the boot device and loads and runs the master boot record (MBR).
  3. The MBR scans the partition table to locate the active partition, loads the boot sector on the active partition into memory, and then executes it.
  4. The computer loads and initializes the NTLDR file, which is the operating system loader.

Boot Sequence

After the computer loads NTLDR into memory, the boot sequence gathers information about hardware and drivers in preparation for the Windows XP Professional load phases. The boot sequence uses the following files: NTLDR, BOOT.INI, BOOTSECT.DOS (optional), NTDETECT.COM, and NTOSKRNL.EXE. The boot sequence has four phases: initial boot loader phase, operating system selection, hardware detection, and configuration selection.

Kernel Load

After configuration selection, the Windows XP Professional kernel (NTOSKRNL.EXE) loads and initializes. NTOSKRNL.EXE also loads and initializes device drivers and loads services. If you press Enter when the Hardware Profile/Configuration Recovery menu appears, or if NTLDR makes the selection automatically, the computer enters the kernel load phase. The screen clears and a series of white rectangles appears across the bottom of the screen.

Kernel Initialization

When the kernel load phase is complete, the kernel initializes, and then NTLDR passes control to the kernel. At this point, the system displays a graphical screen with a status bar indicating load status. Four tasks are accomplished during the kernel initialization stage:
  • The Hardware key is created
  • The Clone control set is created
  • Device drivers are loaded and initialized
  • Services are started

83. What are the three classes of IP address?

A
The first network ID is 1.0.0.0 and the last is 126.0.0.0. This allows for 126 networks and 16,777,214 hosts per network. The class A address 127.x.y.z is reserved for loopback testing and interprocess communications on the local computer. For class A addresses, the network ID is always the first octet in the address and the host ID is the last three octets.
B
The first network ID is 128.0.0.0 and the last is 191.255.0.0. This allows for 16,384 networks and 65,534 hosts per network. For class B addresses, the network ID is always the first two octets in the address and the host ID is the last two octets.
C
The first network ID is 192.0.0.0 and the last is 223.255.255.0. This allows for 2,097,152 networks and 254 hosts per network. For class C addresses, the network ID is always the first three octets in the address and the host ID is the last octet.
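The network and host counts quoted for each class follow from the leading bits and the width of the network ID. The sketch below is an added example, not part of the original post; the `CLASSES` table and the `classify` and `capacity` functions are names chosen here, and the sample addresses in the comments are constructed.

```python
import ipaddress

# (class, leading bit pattern, length of that pattern, network-ID bits)
CLASSES = [("A", 0b0, 1, 8), ("B", 0b10, 2, 16), ("C", 0b110, 3, 24)]

def classify(addr):
    """Return (class, network ID, host ID) for a class A, B or C address."""
    value = int(ipaddress.IPv4Address(addr))
    for name, prefix, prefix_len, net_bits in CLASSES:
        if value >> (32 - prefix_len) == prefix:
            host_bits = 32 - net_bits
            # Zero the host bits to get the network ID.
            network = ipaddress.IPv4Address(value >> host_bits << host_bits)
            host = value & ((1 << host_bits) - 1)
            return name, str(network), host
    raise ValueError(f"{addr} is not a class A, B or C address")

def capacity(name):
    """Return (number of networks, hosts per network) for a class."""
    _, _, prefix_len, net_bits = next(c for c in CLASSES if c[0] == name)
    networks = 2 ** (net_bits - prefix_len)   # bits left after the fixed prefix
    if name == "A":
        networks -= 2    # 0.x.y.z is not assigned, 127.x.y.z is loopback
    hosts = 2 ** (32 - net_bits) - 2   # all-zeros and all-ones host IDs excluded
    return networks, hosts

if __name__ == "__main__":
    for sample in ("10.1.2.3", "172.16.5.9", "192.168.1.20"):  # constructed
        print(sample, classify(sample))
    for cls in "ABC":
        print(cls, capacity(cls))
```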

84. How many types of accounts are there in windows 2003?

Local User Accounts: Local user accounts allow users to log on only to the computer on which the local user account has been created and to access resources on only that computer. When you create a local user account, Windows XP Professional creates the account only in that computer's security database, called the local security database.

Domain User Accounts : Domain user accounts allow you to log on to the domain and access resources anywhere on the network. When you log on, you provide your logon information-your user name and password. Microsoft Windows 2000 Server uses this logon information to authenticate your identity and build an access token that contains your user information and security settings. The access token identifies you to the computers in the domain on which you try to access resources. The access token is valid throughout the logon session.

Built-In User Accounts : Windows XP Professional automatically creates built-in accounts. Two commonly used built-in accounts are Administrator and Guest.

Administrator : Use the built-in Administrator account to manage the overall computer. You can perform tasks to create and modify user accounts and groups, manage security policies, create printer resources, and assign the permissions and rights that allow user accounts to access resources.


Guest : Use the built-in Guest account to allow occasional users to log on and access resources. For example, an employee who needs access to resources for a short time can use the Guest account.


85. What are the types of groups?
There are two types: security groups and distribution groups.
Security group: It is used to assign permissions to gain access to resources.
Distribution group: It is used for non-security-related functions such as sending e-mail messages to a group of users at the same time.




86. What are the group scopes in Windows 2003?

Groups, whether a security group or a distribution group, are characterized by a scope that identifies the extent to which the group is applied in the domain tree or forest. There are three group scopes: universal, global, and domain local.

Members of universal groups can include other groups and accounts from any domain in the domain tree or forest and can be assigned permissions in any domain in the domain tree or forest.
Members of global groups can include other groups and accounts only from the domain in which the group is defined and can be assigned permissions in any domain in the forest.
Members of domain local groups can include other groups and accounts from Windows Server 2003, Windows 2000, or Windows NT domains and can be assigned permissions only within a domain.

87. What is a router?
A router is a computer networking device that forwards data packets across a network toward their destinations, through a process known as routing. Routing occurs at Layer 3 (the network layer, i.e. Internet Protocol (IP)).

88. What is a firewall?

A firewall protects a network against external threats from another network, including the Internet. Firewalls prevent an organization's networked computers from communicating directly with computers that are external to the network and prevent computers external to the network from communicating directly with the computers in the organization's network. All incoming and outgoing communication is routed through a proxy server outside the organization's network. Firewalls also audit network activity, recording the volume of traffic and information about attempts to gain unauthorized access.

90. How many OSI layers appear in TCP/IP? Application, Transport, Internet and Network Layers

91. When you ping a system, how many times will it reply? 4 times

92. What Is DFS root and DFS link?

DFS root: You can think of this as a share that is visible on the network, and in this share you can have additional files and folders.
DFS link: A link is another share somewhere on the network that goes under the root. When a user opens this link they will be redirected to a shared folder.
93. What is IIS? Internet Information Services (IIS) allows you to easily publish information on the Internet or on your or your company's intranet. You place your Web files in directories on your server and users establish HTTP connections and view your files with a Web browser.

94. What are the PING, PATHPING and TRACERT commands?

Ping is a computer network tool used to test whether a particular host is reachable across an IP network. Ping works by sending ICMP "echo request" packets ("Ping?") to the target host and listening for ICMP "echo response" replies (sometimes dubbed "Pong!" as an analogy with the table tennis game Ping Pong). Using interval timing and response rate, ping estimates the round-trip time (generally in milliseconds, although the unit is often omitted) and the packet loss rate (if any) between hosts.
Pathping is a tool that detects packet loss over multiple-hop trips.
Traceroute (tracepath on modern Linux systems, tracert on Windows operating systems) is a computer network tool used to determine the route taken by packets across an IP network.
95. What is the difference between a work group and domain?

A workgroup is a logical grouping of networked computers that share resources, such as files and printers. A workgroup is also called a peer-to-peer network because all computers in the workgroup can share resources as equals (peers) without a dedicated server.
Because workgroups have decentralized administration and security, the following are true:
  • A user must have a user account on each computer to which he or she wants to gain access.
  • Any changes to user accounts, such as changing a user's password or adding a new user account, must be made on each computer in the workgroup. If you forget to add a new user account to one of the computers in your workgroup, the new user will not be able to log on to that computer and will be unable to access resources on it.
A workgroup provides the following advantages:
  • It does not require inclusion of a domain controller in the configuration to hold centralized security information.
  • It is simple to design and implement. It does not require the extensive planning and administration that a domain requires.
  • It is a convenient networking environment for a limited number of computers in close proximity. However, a workgroup becomes impractical in environments with more than 10 computers.

Domains

A domain is a logical grouping of network computers that share a central directory database. A directory database contains user accounts and security information for the domain. This database is known as the directory and is the database portion of Active Directory service, the Windows 2000 directory service.
The benefits of a domain include the following:
  • Centralized administration, because all user information is stored centrally.
  • A single logon process for users to gain access to network resources (such as file, print, and application resources) for which they have permissions. In other words, you can log on to one computer and use resources on another computer in the network as long as you have appropriate permissions to access the resource.
  • Scalability, so that you can create very large networks.

96. What is the difference between a router and a gateway?

Routers are machines that direct a packet through the maze of networks that stand between its source and destination. Normally a router is used for internal networks, while a gateway acts as a door for the packet to reach the "outside" of the internal network.

97. What is a default gateway? The exit point from one network and entryway into another network, often the router of the network.

98. What is the difference between TFTP and FTP?
The Trivial File Transfer Protocol (TFTP) allows a local host to obtain files from a remote host but does not provide reliability or security. It uses the fundamental packet delivery services offered by UDP. The File Transfer Protocol (FTP) is the standard mechanism provided by TCP/IP for copying a file from one host to another. It uses the services offered by TCP and so is reliable and secure. It establishes two connections (virtual circuits) between the hosts, one for data transfer and another for control information.
99. What is Virtual memory?
Virtual memory, or virtual memory addressing, is a memory management technique used by computer operating systems, most commonly multitasking ones, in which non-contiguous memory is presented to software as contiguous memory. This contiguous memory is referred to as the virtual address space.
Virtual memory addressing is typically used in paged memory systems. This in turn is often combined with memory swapping (also known as anonymous memory paging), whereby memory pages stored in primary storage are written to secondary storage (often to a swap file or swap partition), thus freeing faster primary storage for other processes to use.
100. What is a VLAN?

A virtual LAN, commonly known as a VLAN, is a method of creating independent logical networks within a physical network. Several VLANs can co-exist within such a network. This helps in reducing the broadcast domain.
A VLAN consists of a network of computers that behave as if connected to the same wire, even though they may actually be physically connected to different segments of a LAN. Network administrators configure VLANs through software rather than hardware, which makes them extremely flexible.
