IBM Q & Ans

8/3/2019 IBM Q & Ans

1/24

Hi Sam,

if everyone can contribute then i will put forward some valuable questions asked for me in my interviews.

i am looking for some questions answers .so please contribute to this.

Questions asked in for my ibm interview

1)what are the disk types used in a two node cluster?2)where are the quorum information stored in a cluster?3)is there any 3 node cluster available,if so which one that? N node majority set where we can have quorum onthree nodes4)how can we add group policy to a group of 100 users in a domain? apply group policy to a group other thanusing OU? he is telling like we can do that practically ---- no idea5)we have a domain set with 10 dcs and all are initially windows mixed mode.i have the system state backupand finally I raised the functional level to 2003.suddenly one of my dc goes down how can I restore the dcfrom that backup?6)what are the different types of cluster available?7)how many ips are required for 3 node cluster? What are they?8)what is the difference between 2003 and 2008 dns?9)what is ADDS and ADLDS WHERE WE ARE USING IN WINDOWS 2008?10)HOW WE WILL ADD unique wall paper for set of users/11)how we will enable auditing for a set of users login to domain and where we will do that?12)how the policy are apllied in ADthe levels?13)what are the difference between windows 2003 and windows 2008?14)how the change management is done in our work?15)what are the relevant things we have to take care when we performing a change?16)what we will do in case of an emergency where CAB is difficult to call for ?17)what is application directory partition and please mention any other incident of an application directorypartition we are having other than dns?18) where we will do the replication thing in domain?19)what is service activation and deactivation kind of jobs?20)what we need to do for server builds related to software repositorys?21)when service pack 2 is not working in 2003,how we will trouble shoot that to msake that to install inwindows?22)mention any critical issue you face while doing the server build?23)what are relevnt things you need to collect before performing any server buid other that os softwares?24)how you will trouble shoot whether the cluster is working or not?25)where we will place the quorum in a cluster?26)what is AD and DC?

how to find the dc where client authentication is carried on?

ans:nltest /dsgetdc:domainname

how to find what happened to the server which rebooted when we verify application log to find an application?

ans : try to reboot the server and log in safemode to find the root cause -- any other suggestions

questions asked in accenture interview

what is change management?

What sort of activity you are doing related to change management in your company?

8/3/2019 IBM Q & Ans

2/24

What is release management?

How we will troubleshoot problems with password for users in AD?

How we will troubleshoot login problems for users in AD?

What are the general concepts related to ISO standards in IT expecially ISO27000?

What are the roles used in AD?

What is stub zone in dns and whether the database is Read only or R/W?

What is dhcp and what is its working process?

What is the upstream and downstream in WSUS?

What is the data size of LTO 3------- 400/800 GB ,LTO 4--------- 800/1600 GB?

What is the port used by the clients to push patches from a WSUS server -------- 80 ?

Whether forwarders are available for use in windows 2000? --------- NO

What is incident management?

interview questions asked in first american corporation

1)what are main differences between 2003 and 2008 AD(mention any 3)

2)where is the logfiles of iis 6 located?

3)what is meant by basic and windows authentication?

4)what are the main resources we are used for a file server cluster.

5)Wnere is the cluster database file lcated

6)What is the name of the load balancer device used here? Ab director

7)How we will direct the client authentication to another dc?

Ans:

Problem

The following question was posted in the Technical Q&A by NateH:

"I have a client that has two physically separate buildings. They have a T1 connection between the two andhave been running with one server for both buildings. Building 1 is on subnet 10.0.0.0 and building 2 is on10.1.0.0. I am setting up a domain controller in the second building and was wondering how to configure theclients so that they logon/authenticate via that second DC rather than the first DC [across the WAN link]. Do Ineed to set it up as a second site [in Active Directory], or can I set it up as the same site?"

Solution

8/3/2019 IBM Q & Ans

3/24

An excellent explanation was provided by BFilmFan (one of the most of the most prolific posters in theTechnical Q&A):

"You should create an Active Directory site for building 2 and associate it with the subnet 10.1.0.0. Clientslocate a domain controller based upon their site information. There is a fairly thorough explanation of this onMicrosoft's site. Job Aids for Windows 2003 has a worksheet that will probably impress the management

folks. And an example of planning domain controller placement can be found here."

8)what do you meant by authoritative and non authoritative restore how we will perform non authoritativerestore?

10)whether we can the VMware files in hyperv?

11)domain rename can be done in windows 2003 or not?

12)what do you mean by scope?

13)what is stub zone in dns?

14)why we configuring subnets under sites?

15)how we will configure round robin win windows DNS?

What we have to do when we face a problem when we are installing sp2 on windows server 2003Problem:

Microsoft Server 2003 Small Business Server (SBS) Service Pack 2 Failed to install catalog files.Failed to install catalog files error.Windows Server 2003 has been partially updated and may not work properly.

Solution 1:

1. Click Start -> Run and type "cmd" (without quotes) and press Enter.2. Run this command in the command prompt: Net stop Cryptsvc3. Go to C:\Windows\system32\catroot2 and rename Edb.log to Edb.txt.4. Click Start -> Run and type "cmd" (without quotes) and press Enter.5. Run this command: Net start Cryptsvc6. Reboot the server.7. Install the Service Pack 2 (Win 2003 SP2) again.There is a chance that you may get the error again. If so, go to Solution 2.

Solution 2:

1. Create a folder on the desktop and name it "temp" (without quotes.)2. Go to C:\Windows\system32\CatRoot folder.3. Press "F3" on your keyboard (Search the folder for files/directories.)

4. Search for "tmp*.cat, KB*.cat" (without quotes.) Make sure you search for all files and folders in CatRootfolder.5. Move all the files to temp folder on the desktop.6. Reboot the system.7. Install Windows Server 2003 Service Pack 2 again after the server restarts.

Interview questions asked (HP)

8/3/2019 IBM Q & Ans

4/24

1)what are main difference between 2000 and 2003 DNS?

2)what the event iDS 2020 and 2019 represents?

3)What are the debugging tools using for troubleshooting the memory dumps files in windows?

4)what is the name of the debugging tools used troubleshooting memory dumps?

5)how we will troubleshoot clustering in windows 2003?

6)what is the importance of pdc emulater ?

7)what are remote management tools used for HP,dell and ibm? Ilo ,drac and ??/

8)what will do to trouble shoot memory dump errors?

9)what is conditional forwarding in dns?

please add answers to these questions and we will discuss this in detail.also put forward others experience

#5LifeMember

Members

58 posts

Gender:Male

Location:india

Posted 08 June 2010 - 05:27 PM

more to come..

Interview questions and answers-------- updating

1)what are the disk types used in a two node cluster?

Single quorum device cluster, also called a standard quorum cluster

Single Quorum Device Cluster The most widely used cluster type is the single quorum device cluster, also called the standard

quorum cluster. In this type of cluster there are multiple nodes with one or more cluster disk arrays,

also called the cluster storage, and a connection device, that is, a bus. Each disk in the array is

owned and managed by only one server at a time. The disk array also contains the quorum

resource. The following figure illustrates a single quorum device cluster with one cluster disk array.

Single Quorum Device Cluster

2) where are the quorum information stored in a cluster?

8/3/2019 IBM Q & Ans

5/24

A quorum is the clusters configuration database.

The database resides in a file named \MSCS\quolog.log. The quorum is sometimes also referred to

as the quorum log.

If the error message occurs after you restore the system state on a computer that has lost the

quorum log, the quorum information is copied to %SystemRoot%\Cluster\Cluster_backup. You can

use the Clusrest.exe tool from the Resource Kit to restore this information to the quorum disk.

Although the quorum is just a configuration database, it has two very important jobs. First of all, ittells the cluster which node should be active.

The quorum tells the cluster which node is currently active and which node or nodes are in stand by.

In Windows Server 2003, Microsoft introduced a new type of quorum called the Majority Node Set

Quorum (MNS).

The thing that really sets a MNS quorum apart from a standard quorum is the fact that each node

has its own, locally stored copy of the quorum database.

Although MNS quorums offer some interesting possibilities, they also have some serious limitations

that you need to be aware of. The key to understanding MNS is to know that everything works based

on majorities. One example of this is that when the quorum database is updated, each copy of the

database needs to be updated. The update isnt considered to have actually been made until over

half of the databases have been updated ((number of nodes / 2) +1). For example, if a cluster has

five nodes, then three nodes would be considered the majority. If an update to the quorum was

being made, the update would not be considered valid until three nodes had been updated.

Otherwise if two or fewer nodes had been updated, then the majority of the nodes would still have

the old quorum information and therefore, the old quorum configuration would still be in effect.

3)Is there any 3 node cluster available, if so which one that?

Majority Node set where we can have quorum on three nodes.

One of the most important things to know about MNS is that you must have at least three nodes in

the cluster.

Remember that a majority of nodes must be running at all times. If a cluster only has two nodes,

then the majority is calculated to be 2 ((2 nodes / 2) +1)-2. Therefore, if one node were to fail, the

entire cluster would go down because it would not have quorum.4)how can we add group policy to a group of 100 users in a domain?Apply group policy to a group

other than using OU? he is telling like we can do that practically ---- no idea

Normally we will assign it through OU.We will put these users in that specific OU and apply policy to

that OU.

In order to apply Group Polices to specific users or computers, you add users (or groups) and

computers to container objects. Anything in the container object will then get the policies linked to

that container. Sites, Domains and OUs are considered container objects.

Computer and User Active Directory objects do not have to put in the same container object. For

example, Sally the user is an object in Active Directory. Sally's Windows 2000 Pro PC is also an

object in Active Directory. Sally the user object can be in one OU, while her computer object can beanother OU. It all depends on how you organize your Active Directory structure and what Group

Policies you want applied to what objects.

Reference: http://www.svrops.co...s/gpolicies.htm

5)we have a domain set with 10 dcs and all are initially windows mixed mode.i have the system state

backup and finally I raised the functional level to 2003.suddenly one of my dc goes down how can I

restore the dc from that backup?

8/3/2019 IBM Q & Ans

6/24

What I have answered is no need to use the backup. We have to reinstall a new dc with same name

and connect with the existing setup as after replication data will get update to each other

If any problem with that then need cleanup the device info from the AD database and do the same

as all dcs are peers.

6)what are the different types of cluster available?

three different types of server clusters:

Single quorum device cluster, also called a standard quorum cluster Majority node set cluster

Local quorum cluster, also called a single node cluster

Single Quorum Device Cluster

The most widely used cluster type is the single quorum device cluster, also called the standard

quorum cluster. In this type of cluster there are multiple nodes with one or more cluster disk arrays,

also called the cluster storage, and a connection device, that is, a bus. Each disk in the array is

owned and managed by only one server at a time. The disk array also contains the quorum

resource. The following figure illustrates a single quorum device cluster with one cluster disk array.

Single Quorum Device Cluster

Because single quorum device clusters are the most widely used cluster, this Technical Reference

focuses on this type of cluster.

Majority Node Set Cluster

Windows Server 2003 supports another type of cluster, the majority node set cluster. In a majority

node set cluster, each node maintains its own copy of the cluster configuration data. The quorum

resource keeps configuration data consistent across the nodes. For this reason, majority node set

clusters can be used for geographically dispersed clusters. Another advantage of majority node set

clusters is that a quorum disk can be taken offline for maintenance and the cluster as a whole will

continue to operate.

The major difference between majority node set clusters and single quorum device clusters is that

single quorum device clusters can operate with just one node, but majority node set clusters need to

have a majority of the cluster nodes available for the server cluster to operate. The following figure

illustrates a majority node set cluster. For the cluster in the figure to continue to operate, two of thethree cluster nodes (a majority) must be available.

Majority Node Set Cluster

This Technical Reference focuses on the single quorum device cluster.

Local Quorum Cluster

A local quorum cluster, also called a single node cluster, has a single node and is often used for

testing. The following figure illustrates a local quorum cluster.

Local Quorum Cluster

7)how many ips are required for 3 node cluster? What are they?

Scenario supporting above questionsIn a hypothetical scenerio:

I want 4 node, active/active/active/active cluster.

There are 4 sql instances installed on each node, with name SQLInstance1....

SQLInstance4

My questions:

8/3/2019 IBM Q & Ans

7/24

1) Can I use just one virtual name, for example SQLVirtualServer and clients

can access sql instances in format SQLVirtualServer\InstnaceName? Or Do I

need to create separate pair or virtual name/IP for each sql instance?

How many total IP addresses/hostnames I will need in 4 nodes/instances

cluster?

2) Each instance will be active on one node and other three nodes will in

stand by mode for that instance? Or there can be only on node in stand by for

each instance?

3) if there can be multiple nodes stand by, how it is determined which node

will take over in case of a failure?

Ans: Each instance must be installed in a unique virtual server.

Virtual names must be unique and instance names must be unique.

You will need 9 names and IP addresses;

One for each node (4)

One for each instance(4)

and one for the cluster itself(1)

Instances and nodes are independent entities. You can spread instances

across all the nodes or stack them together. Note that instances do not

have to consume an entire node.

Clustering chooses the least loaded node to failover to or you can set a

preferred failover order per instance.

I suggest building a virtual guest cluster and playing with clustering to

get the concepts down before you try and design a production system.

8)what is the difference between 2003 and 2008 dns?

Top 10 new features in Windows Server 2008

1. The self-healing NTFS file system

2. Parallel session creation

3. Clean service shutdown

4. Kernel Transaction Manager

5. SMB2 network file system

6. Address Space Load Randomization (ASLR)

7. Windows Hardware Error Architecture (WHEA)8. Windows Server Virtualization

9. PowerShell

10. Server Core

^ Windows Server 2008 R2 supports DNSSEC, however dynamic DNS is not supported for

DNSSEC-signed zones. For earlier versions including Windows Server 2003, DNSSEC functionality

must be manually activated in the registry. In these versions, the DNSSEC support is sufficient to act

as a slave/secondary server for a signed zone, but not sufficient to create a signed zone (lack of key

8/3/2019 IBM Q & Ans

8/24

generation and signing utilities).

^ IPv6 functionality in the Microsoft DNS server is only available on Windows Server 2003 and

newer.

Prior to Windows Server 2003 and Microsoft Windows 2000 Service Pack 3, the most common

problem encountered with Microsoft's DNS server was cache pollution. Although Microsoft's DNS

Server had a mechanism for properly dealing with cache pollution, the mechanism was turned off by

defaultIn 2004, a common problem involved the feature of the Windows Server 2003 version of Microsoft's

DNS server to use EDNS0, which a large number of firewalls could not cope with. [3]

What's New in DNS in Windows Server 2008

Windows Server 2008 provides a number of enhancements to the DNS Server service that

improve how DNS performs.

Overview of the Improvements in DNS

The DNS Server role in Windows Server 2008 contains four new or enhanced features that improve

the performance of the DNS Server service or give it new abilities:

Background zone loading: DNS servers that host large DNS zones that are stored in Active

Directory Domain Services (AD DS) are able to respond to client queries more quickly when they

restart because zone data is now loaded in the background.

IP version 6 (IPv6) support: The DNS Server service now fully supports the longer addresses of the

IPv6 specification.

Support for read-only domain controllers (RODCs): The DNS Server role in Windows Server 2008

provides primary read-only zones on RODCs.

Global single names: The GlobalNames zone provides single-label name resolution for large

enterprise networks that do not deploy Windows Internet Name Service (WINS). The GlobalNames

zone is useful when using DNS name suffixes to provide single-label name resolution is not

practical.

Global query block list: Clients of such protocols as the Web Proxy Auto-Discovery Protocol

(WPAD) and the Intra-site Automatic Tunnel Addressing Protocol (ISATAP) that rely on DNS name

resolution to resolve well-known host names are vulnerable to malicious users who use dynamic

update to register host computers that pose as legitimate servers. The DNS Server role in WindowsServer 2008 provides a global query block list that can help reduce this vulnerability.

What are the major changes in dns for windows 2008 R2?

Support for Domain Name System Security Extensions (DNSSEC) is introduced in Windows

Server 2008 R2 and Windows 7. With Windows Server 2008 R2 DNS server, you can now sign

and host DNSSEC-signed zones to provide security for your DNS infrastructure.

The following changes are available in DNS server in Windows Server 2008 R2:

Ability to sign a zone and host signed zones.

Support for changes to the DNSSEC protocol.

Support for DNSKEY, RRSIG, NSEC, and DS resource records.

The following changes are available in DNS client in Windows 7:

Ability to indicate knowledge of DNSSEC in queries.

Ability to process the DNSKEY, RRSIG, NSEC, and DS resource records. Ability to check whether the DNS server with which it communicated has performed validation on

the clients behalf.

The DNS clients behavior with respect to DNSSEC is controlled through the Name Resolution

Policy Table (NRPT), which stores settings that define the DNS clients behavior. The NRPT is

typically managed through Group Policy.

What does DNSSEC do?

DNSSEC is a suite of extensions that add security to the DNS protocol. The core DNSSEC

8/3/2019 IBM Q & Ans

9/24

extensions are specified in RFCs 4033, 4034, and 4035 and add origin authority, data integrity, and

authenticated denial of existence to DNS. In addition to several new concepts and operations for

both the DNS server and the DNS client, DNSSEC introduces four new resource records (DNSKEY,

RRSIG, NSEC, and DS) to DNS.

In short, DNSSEC allows for a DNS zone and all the records in the zone to be cryptographically

signed. When a DNS server hosting a signed zone receives a query, it returns the digital signatures

in addition to the records queried for. A resolver or another server can obtain the public key of thepublic/private key pair and validate that the responses are authentic and have not been tampered

with. In order to do so, the resolver or server must be configured with a trust anchor for the signed

zone, or for a parent of the signed zone.

DNS Devolution

Published: October 21, 2009

Devolution is a behavior in Active Directory environments that allows client computers that are

members of a child namespace to access resources in the parent namespace without the need to

explicitly provide the fully qualified domain name (FQDN) of the resource.

With devolution, the DNS resolver creates new FQDNs by appending the single-label, unqualified

domain name with the parent suffix of the primary DNS suffix name, and the parent of that suffix,

and so on, stopping if the name is successfully resolved or at a level determined by devolution

settings.

For example, if the primary DNS suffix is central.contoso.com and devolution is enabled with a

devolution level of two, an application attempting to query the host name emailsrv7 will attempt to

resolve emailsrv7.central.contoso.com and emailsrv7.contoso.com. If the devolution level is three,

an attempt will be made to resolve emailsrv7.central.contoso.com, but not emailsrv7.contoso.com.

Devolution is not enabled in Active Directory domains when the following conditions are true:

1. A global suffix search list is configured using Group Policy.

2. The Append parent suffixes of the primary DNS suffix check box is selected on the DNS tab in the

Advanced TCP/IP Settings for IPv4 or IPv6 Internet Protocol (TCP/IP) Properties of a client

computers network connection.

9)what is AD DS and ADLDS WHERE WE ARE USING IN WINDOWS 2008?

AD DS is the active directory domain servicesActive Directory Application Mode (ADAM) is a light-weight implementation of Active Directory.

ADAM is capable of running as a service, on computers running Microsoft Windows Server 2003 or

Windows XP Professional. ADAM shares the code base with Active Directory and provides the same

functionality as Active Directory, including an identical API, but does not require the creation of

domains or domain controllers.

Like Active Directory, ADAM provides a Data Store, which is a hierarchical datastore for storage of

directory data, a Directory Service with an LDAP Directory Service Interface. Unlike Active Directory,

however, multiple ADAM instances can be run on the same server, with each instance having its

own and required by applications making use of the ADAM directory service.

In Windows Server 2008, ADAM has been renamed AD LDS (Lightweight Directory Services).[15]

Active Directory Lightweight Directory Services

Active Directory Lightweight Directory Services (AD LDS) provides directory services for directory-enabled applications. AD LDS does not require or rely on Active Directory domains or forests. AD

LDS was previously known as Active Directory Application Mode (ADAM).

10)HOW WE WILL ADD unique wall paper for set of users/

If you run a company, you might want to set your company logo or any particular wallpaper on all of

your users' desktops. On the other hand, if you use a single system you might still want to have your

desired wallpaper on Desktop and it really annoys when someone changes the wallpaper.

So if you are tired from people changing the wallpaper and want to prevent users from changing it

8/3/2019 IBM Q & Ans

10/24

everyday, then this tutorial will help you.

In this tutorial, you'll learn a way to set your desired wallpaper on Desktop and no one will be able to

change it neither from Desktop Properties nor by right-clicking on an image and select "Set as

Desktop Background".

So here we start our tutorial:

1. Type regedit in RUN dialog box or Startmenu Search box and press Enter. It'll open registry

Editor.2. Now go to following key:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies

3. Under "Policies" key, create a new key "System". It might already exist in some systems.

4. Now select "System" key and in right-side pane, create a new STRING value Wallpaper and set

its value to the exact path of your desired wallpaper. You can use .JPG and .BMP files in this

method.

e.g. if your wallpaper exists in "E:\Wallpapers\Wall1.JPG", then set the same path as value of

"Wallpaper".

5. You can also set the wallpaper style e.g. Centered, Tiled or Stretched. Create a new STRING

value WallpaperStyle and set its value to as following:

0 (Centered)

1 (Tiled)

2 (Stretched)

6. That's it. Now restart or log off your system and no one will be able to change the wallpaper.

PS: If you also want to disable the "Desktop" tab in Desktop Properties, then you can visit following

tutorial:

We can also enable the group policy options like enable desktop wall paper and enable active

desktop in group policy

In case if this is not properly working for the OU where we apply this also try with the following

registry key

Based on our test, it seems the Registry key [HKEY_CURRENT_USER\Control

Panel\Desktop\WallPaper] is missing and caused this problem. To work around this issue, pleasecreate a String Value [HKEY_CURRENT_USER\Control Panel\Desktop\WallPaper] on client and try

to set wallpaper.

We can use Group Policy Preference->Registry to deploy this Registry key or use user logon script

to deploy this Registry key.

11)how we will enable auditing for a set of users login to domain and where we will do that?

Windows & Active Directory Auditing

If you are like most administrators, you want to know who is logging on, to which computer, and

accessing resources on your servers. For your Windows computers and Active Directory

environment, you have options to help you determine what you want to know.

If you fall into the category of a highly-secure environment, where you need to track access to some

or all of the resources on the network, you also have options to help you track the access to the

resources. The feature in Windows that provides this tracking and logging of who is accessing which

resource from computers on the network is called auditing. There are numerous auditing options and

configurations that you can choose from. We will take a look at each option and go over what each

option can provide for you.

8/3/2019 IBM Q & Ans

11/24

8/3/2019 IBM Q & Ans

12/24

from, or making a network connection to the computer configured to audit logon events. A good

example of when these events are logged is when a user logs on interactively to their workstation

using a domain user account. This will generate an event on the workstation, but not on the domain

controller that performed the authentication. In essence, logon events are tracked where the logon

attempt occurs, not where the user account resides. This setting is not enabled for any operating

system, except for Windows Server 2003 domain controllers, which is configured to audit success of

these events. It is common and best practice to log these events on all computers on the network.Audit object access This will audit each event when a user accesses an object. Objects include

files, folders, printers, Registry keys, and Active Directory objects. In reality, any object that has an

SACL will be included in this form of auditing. Like the Auditing of directory access, each object has

its own unique SACL, allowing for targeted auditing of individual objects. There are no objects

configured to be audited by default, which means that enabling this setting will not produce any

logged information. Once this setting is established and a SACL for an object is configured, entries

will start to show up in the logs on access attempts to the object. It is not common to configure this

level of auditing until there is a specific need to track access to resources. In highly secure

environments, this level of auditing is usually enabled and numerous resources are configured to

audit access.

Audit policy change This will audit each event that is related to a change to one of the three

policy areas on a computer. These policy areas include:

User Rights Assignment

Audit Policies

Trust relationships

This setting is not enabled for any operating system, except for Windows Server 2003 domain

controllers, which is configured to audit success of these events. It is common and best practice to

configure this level of auditing for all computers on the network.

Audit privilege use This will audit each event that is related to a user performing a task that is

controlled by a user right. The list of user rights is rather extensive, as shown in Figure 3.

Figure 3: List of User Rights for a Windows computer

This level of auditing is not configured to track events for any operating system by default. It iscommon and a best practice to configure this level of auditing for all computers on the network.

Audit process tracking This will audit each event that is related to processes on the computer.

Examples would include program activation, process exit, handle duplication, and indirect object

access. This level of auditing produces an excessive number of events and is typically not

configured unless an application is being tracked for troubleshooting purposes.

Audit system events This will even audit an event that is related to a computer restarting or being

shut down. Events that are related to the system security and security log will also be tracked when

this auditing is enabled. This is a required audit configuration for a computer that needs to track not

only when events occur that need to be logged, but when the log itself is cleaned. This setting is not

enabled for any operating system, except for Windows Server 2003 domain controllers, which is

configured to audit success of these events. It is a best practice to configure this level of auditing for

all computers on the network.Success or Failure Auditing?

Each of these options provide two configuration settings: Success and/or Failure. These options are

essential to help you track the required information that is generated from a user performing a task.

Tasks are typically related to one of the following:

Permissions configured on the Access Control List of a resource

User Rights configured for a specific computer

Administrative privileges, typically granted through group membership

8/3/2019 IBM Q & Ans

13/24

If the user attempts to perform a task which they have not been granted permission for will result in a

failure to perform the task. For example, if a user attempts to change the time on their laptop, but

they are not in the local Administrators group, this will generate a failed attempt to Change the

System Time, which is a User Right granted directly to users or groups of users, including the

Administrators group.

The flip side of this is also true, where if a user attempts to perform a task which they have been

granted the appropriate permission, they will generate a success trigger for that task. A goodexample here might be a user that has been delegated permissions to modify the membership of a

group located in Active Directory.

As you can see, depending on what you want to track, success or failure, will need to be setup when

you enable the specific auditing setting.

Conclusion

With so many options for tracking events in a Windows environment, it is important to understand

what each option provides through the security log of the event viewer. It is also important to know

and recognize the default settings, which are not always set to properly track events for your

important member servers. Finally, you were provided with some best practice recommendations for

these settings, which you should decide if your environment should accept the same settings.

12)how the policy are applied in ADthe levels?

GPO Priorities

Local GPOs are applied in the following order, with later policies overriding conflicting settings in

earlier policies:

1. local computer policy;

2. administrators and non-administrators policies;

3. user-specific policies.

For example, if you set the desktop to blue in the local computer policy but set it to red in the

administrators policy, it will appear red when an administrator logs on. If you set the desktop to

green in the user-specific policy, that setting would override all other local GPOs.

If the computer is a member of an Active Directory domain, domain GPOs always override

conflicting settings in local GPOs. If you want to completely disable local GPOs, enable the followingsetting in a domain GPO:

computer configuration\administrative templates\system\group policy\turn off local group policy

objects processing

With Group Policy objects, you can change hundreds of default settings in Microsoft Windows

from color schemes to desktop security and create a complex hierarchy of GPOs to configure

settings based on the user and the computers location, organization and purpose in Active Directory

environments.

Heres how to define, edit and prioritize multiple local GPOs.

First, not all computers can join a domain. For example, public computers (such as a kiosk in a

library) are frequently attacked and could put the entire domain at risk. Windows XP and earlier

versions of Windows had a single local GPO that applied settings to the client computer and allusers that logged on to the computer. Therefore, if you needed to lock down the desktop

environment to prevent guests from opening the Start menu, you also made it impossible to manage

the computer when logged on as an administrator.

Windows Vista now supports multiple local Group Policy objects (MLGPOs) so that you can apply

different settings to administrators, non-administrators and specific users.

MLGPO Types

Windows Vista supports the following local GPOs:

8/3/2019 IBM Q & Ans

14/24

Local Computer Policy: Just like earlier versions of Windows, Vista supports local computer policy

that always applies, regardless of which user is logged on. This policy contains both the Computer

Configuration and User Configuration nodes. All other local GPOs contain only the User

Configuration node.

Administrators Policy: Settings configured in this policy apply only to users who are members of the

local Administrators group.

Non-administrators Policy: Settings apply to all users who are not members of the localAdministrators group.

User-Specific Policies: You can configure GPOs that apply to only a specific user account.

Any user who logs on will have, at most, three local GPOs: the local computer policy, a user-specific

policy, and either the administrators or non-administrators policy. Oddly, you cannot create local

GPOs that apply to local groups, such as backup operators or guests.

Troubleshooting Local GPOs

You can troubleshoot problems with local GPOs using most of the same tools you use for Active

Directory GPOs, including:

Resultant Set of Policy: A Microsoft Management Console snap-in that analyzes all Group Policy

settings, displays the effective settings, and allows you to isolate the Group Policy objects that define

any setting.

GPResult: A command-line tool that provides a list of active GPOs, including both domain and local

GPOs, among other useful information.

Event Viewer: Vista adds an event to the System Event Log when policies are applied, and stores

detailed processing information in the applications and service logs\microsoft\windows\group

policy\operational event log. The Operational Event Log replaces the userenv.log file used in earlier

versions of Windows.

Group Policy Log View: A tool that exports Group Policy event data into a text file. You can

download GPLogView at go.microsoft.com/fwlink/?LinkId=75004.

13)what are the difference between windows 2003 and windows 2008?

2008 is combination of vista and windows 2003r2. Some new services are introduced in it

1. RODC one new domain controller introduced in it

[Read-only Domain controllers.]2. WDS (windows deployment services) instead of RIS in 2003 server

3. shadow copy for each and every folders

4.boot sequence is changed

5.installation is 32 bit where as 2003 it is 16 as well as 32 bit, thats why installation of 2008 is faster

6.services are known as role in it

7. Group policy editor is a separate option in ads

2) The main difference between 2003 and 2008 is Virtualization, management.

2008 has more inbuilt components and updated third party drivers Microsoft introduces new feature

with 2k8 that is Hyper-V Windows Server 2008 introduces Hyper-V (V for Virtualization) but only on

64bit versions. More and more companies are seeing this as a way of reducing hardware costs by

running several 'virtual' servers on one physical machine. If you like this exciting technology, makesure that you buy an edition of Windows Server 2008 that includes Hyper-V, then launch the Server

Manger, add Roles.

3) In Windows Server 2008, Microsoft is introducing new features and technologies, some of which

were not available in Windows Server 2003 with Service Pack 1 (SP1), that will help to reduce the

power consumption of server and client operating systems, minimize environmental byproducts, and

increase server efficiency.

8/3/2019 IBM Q & Ans

15/24

Microsoft Windows Server 2008 has been designed with energy efficiency in mind, to provide

customers with ready and convenient access to a number of new power-saving features. It includes

updated support for Advanced Configuration and Power Interface (ACPI) processor power

management (PPM) features, including support for processor performance states (P-states) and

processor idle sleep states on multiprocessor systems. These features simplify power management

in Windows Server 2008 (WS08) and can be managed easily across servers and clients using

Group Policies.

14)how the change management is done in our work?

Change Management

Change Management aims to ensure that standardised methods and procedures are used for

efficient handling of all changes,

Main article: Change Management (ITSM)

A change is an event that results in a new status of one or more configuration items (CI's)[citation

needed] approved by management, cost effective, enhances business process changes (fixes) - with

a minimum risk to IT infrastructure.

The main aims of Change Management include:

Minimal disruption of services

Reduction in back-out activities

Economic utilization of resources involved in the change

[edit] Change Management Terminology

Change: the addition, modification or removal of CIs

Change Request (CR): form used to record details of a request for a change and is sent as an

input to Change Management by the Change Requestor

Forward Schedule of Changes (FSC): schedule that contains details of all forthcoming Changes..

Management details with practical details

The Service Desk

Practical Case

As an essential step in implementing the ITIL methodology in the company, the management of

"Cater Matters" decided to set up a service desk centralising all the IT organisation's contacts withcustomers and suppliers.

To do so, the following decisions were made:

A manager was appointed to be in charge of the Service Desk.

After a careful analysis of the needs of the organisation and users, the main functions of the

service desk were defined:

o Managing the first line of support for Incident Management.

o Monitoring the quality of service offered with respect to the SLAs.

o Providing sales-related information about the services offered.

o Conducting regular surveys on the level of customer satisfaction.

o Drawing up periodic reports with the information gathered.

Running a small promotion to present the new services to existing and potential customers.

Setting web space so as to channel user interaction through the web as much as possible, bymeans of:

o Forms for queries and reporting incidents.

o Remote querying (by means of the associated web services) of the state of active incidents,

incident history and compliance with SLAs.

o Up-to-date FAQs allowing users to run their own queries on the services provided, known errors,

etc.

Drawing up a "Customer Care Manual" describing the different protocols for interaction with users,

8/3/2019 IBM Q & Ans

16/24

depending on the situation in question.

Choosing a software tool to help record and manage all the Service Desk's information flows.

Giving specific training:

o To staff responsible for dealing directly with users and customers on applying the "Customer Care

Manual".

o On the software tools used.

Creating a detailed plan for the progressive implementation of the Service DeskIncident Management

Practical Case

The "Cater Matters" Service Desk has just received a call from the person in charge of supplies at

one of its customer's canteens.

He says that although he had ordered a new batch of ice-creams a few days ago over the web, they

had not yet arrived and the stock in the fridge was running low.

The Service Desk operator looks in the orders database and confirms that the order was made

several days ago, but he also notices that it was incorrectly stored.

He tries to repeat the order on his computer, but the system continues to malfunction.

Following the established protocols, the operator then takes the following decisions:

He evaluates its priority: although the impact is low, the incident is urgent as the customer needs

the delivery urgently.

He logs the details of the incident.

He consults the Knowledge Base to investigate whether the incident is the result of a known error,

and if there are any possible work-arounds.

A temporary solution is proposed to the customer: he is pointed in the direction of a reserved area

of the website where he can place "urgent" orders by email.

He contacts the systems department to warn that the incident may be repeated throughout the

morning.

Using the application that monitors warehouse stock, he checks the availability of the ice-creams

ordered.

He reassures the customer that he will receive the ice-creams before midday via the company's

express service.Meanwhile, the systems department:

Runs a series of tests and confirms that, in general, the system is functioning correctly.

Are unable to identify the cause of the incident.

They contact Service Desk and suggest that the problem be forwarded to Problem Management

with a preliminary classification of low priority.

Service Desk receives the information and decides that:

Given the low impact of the incident and the fact that the customer has been given a satisfactory

work-around, it does not need to be escalated.

They log the work-around for the incident together with the information provided by the systems

department.

The incident is closed.

Problem ManagementPractical Case

The Service Desk of "Cater Matters" has informed Problem Management about an incident which

could not be associated with a known error and which caused a low impact interruption to service.

Problem Management decided to analyse the problem following the established protocol, which is

based on the Kepner-Tregoe method:

Identifying the problem.

Classifying of the problem.

8/3/2019 IBM Q & Ans

17/24

Establishing the possible causes.

Checking the most likely cause.

Confirming the actual cause.

Identification: In the case with which we are concerned, the problem is easy to define:

The online orders application produces unpredictable errors when recording certain orders. There

is no apparent relationship between the error and other hardware/software components.

Classification: The problem may be classified according to the following parameters: Identification: Problems recording orders.

Source: Online orders module.

Frequency: the problem is not recurrent, this is the first time it has been detected.

Impact: slight. The incident was resolved without a serious interruption to service.

Possible causes: The most likely causes include:

Errors in programming on the client side of the application.

Errors in the web server recording modules.

Database configuration errors.

The analysts decide that the most likely origin of the problem is in the application's recording

modules.

Checking the most likely cause: with the help of the information recorded by Incident Management:

Problem management tries to reproduce the problem.

They find that the error is only reproduced with a particular brand of ice-cream.

They notice that the brand of ice-cream has an apostrophe in its name and that if this is removed

the order is recorded without problems.

Verification:

A test environment is set up reproducing the module of interest on the live environment.

The necessary programming changes are made.

They confirm that the order is recorded correctly.

The problem has been converted into a known error. It is now the task of Error Control to:

Raise an RFC with the proposed solution.

Carry out the post-implementation review if Change Management considers it appropriate to

implement the RFC.Configuration Management

Practical Case

Although configuration management is vitally important, it can easily turn into a devourer of

resources if excessively ambitious criteria are laid down. Therefore, the management of "Cater

Matters" initially decided to limit the scope of the configuration database to the systems it felt to be

critical:

LAN servers.

Internet servers.

Service Centre computing infrastructure.

SLAs

To simplify management yet further, they decided to harmonise their configurations in a series of

"reference configurations" applicable to the CIs described above.Although this was a significant initial investment, it was felt that its had clear advantages:

Medium-to-long term reduction in the associated costs.

Improving the consistency of the services delivered.

Simplification of all the processes associated with service support: Incidents, problems, changes,

versions, etc.

Opting for a series of standard configurations allows a high level of detail to be achieved without the

effort involved's being excessive. The following items were therefore entered on the database:

8/3/2019 IBM Q & Ans

18/24

Software configurations:

o Operating Systems:

o Installed applications.

o Interdependencies: parent-child relationships, owners, etc.

o Associated documentation.

Hardware configurations:

o Servers and work stations.o Sub-components, with their interrelations: parent-child relationships, interdependencies, etc.

o Associated documentation and controllers.

Associated SLAs and monitoring reports.

At the same time, management tools were installed to allow all these configurations to be monitored

remotely and periodic automatic audits to be carried out.

Change Management

Practical Case

The customers and suppliers of "Cater Matters" are making increasing use of the company's online

services to manage ordering and the supply chain.

Although it basically meets the needs of the business, the currently implemented system was not

designed to support a high level of activity. Both Availability Management and Capacity Management

have reported inadequacies in the process and the risk of future bottlenecks if the current rate of

growth continues.

Moreover, the company's management has decided to bolster its online presence and offer

customers higher levels of service in order to build its market share.

This all requires a substantial change in both the hardware and software driving the company's

online services, and the connection with the organisation's internal management software (ERP).

The company's management therefore raised an RFC and submitted it to Change Management. The

objectives of the RFC were:

To increase the capacity of the company's web servers in order to enhance connectivity and

response capacity.

To develop a series of WebServices permitting:

o Direct integration of the online ordering system with the company's ERP system.o Tracking of the whole ordering process.

o Management of the whole supply chain remotely in conjunction with suppliers.

To redesign the website to enhance usability and optimise it for search engine indexing.

After recording the RFC:

The request is given the "accepted" status and provisionally assigned normal priority and high

impact.

A meeting of the CAB is called, and the people in charge of e-commerce and web programming

are asked to attend.

A preliminary evaluation of the project is requested from the outside consultant who supervised the

whole implementation process for the current system.

Prior to the CAB's meeting the Change Manager, in close coordination with Capacity, Availability,

Financial and Service Level Management, and top management and project management, prepares: An initial evaluation of the costs and necessary resources.

An evaluation of the impact of the changes on the IT infrastructure.

A preliminary Gantt chart of the process.

A survey so that the Service Desk can sound out customers' opinions about the possible changes.

After weighing up the documentation submitted and the organisation's business strategy, the CAB

approves the change, and:

Finalises the schedule for the change.

8/3/2019 IBM Q & Ans

19/24

Assigns the internal and external resources needed.

Develops a plan allowing for the temporary coexistence of both online systems to ensure continuity

of service. This will involve:

o Duplication of the whole web structure: new servers will be bought so that the old ones can

continue providing continuous service and are immediately available for a possible back-out.

o "Translation" applications will be developed so as to enable the old databases to be kept up-to-

date in order to avoid the loss of data in the event of a back-out. Configuration Management is informed about all the CIs affected by the change.

The same consultancy that implemented the current system is asked to perform an external audit

on the whole process.

All the information necessary for Version Management to be able to start the testing and

implementation process is prepared.

After the change is implemented, in conjunction with "Service Support" and "Service Delivery",

Change Management:

Confirms the change is successful:

o The new system has sufficient capacity to provide the envisaged levels of service and availability.

o The new system works without apparent errors.

o Customers and suppliers perceive the change as an improvement in service delivery.

o Productivity has improved.

A check is made to ensure everything has been recorded in the CMDB correctly.

The process is evaluated.

The change is closed.

Release Management

Practical Case

Change Management has approved (see the practical case in the previous chapter) an RFC having

as its main objectives:

Increasing the capacity of the company's web servers in order to enhance connectivity and

response capacity.

Developing a series of WebServices permitting:

o Direct integration of the online ordering system with the company's ERP system.o Tracking the ordering process from end to end.

o Remotely managing the whole supply chain jointly with suppliers.

Redesigning the website to enhance usability and optimise it for search engine indexing.

Release Management is in charge of the process of developing, buying, testing and distributing the

new versions of hardware and software concerned. For this purpose:

The new hardware needs are assessed in collaboration with Capacity Management and Availability

Management and the hardware is bought and configured.

They contact their usual web development suppliers to define the specifications of the new

software precisely and to draw up a schedule for development.

The web structure is duplicated, i.e. new servers are bought so that the old ones can continue

providing continuous service and are immediately available for a possible back-out.

Translation scripts are written allowing the new data to be saved on the old version to avoid databeing lost in the event of a back-out.

A schedule is set for testing by real users so they can give their approval to the new service.

A two-stage deployment is planned:

I. The whole web structure, excluding the data, is incorporated directly onto the company's ERP.

II. The process is completed with the integration of web orders using WebServices on the ERP.

A user manual is written describing the new release and a FAQ page is created on the web that

includes the queries users raised most frequently during the testing phase.

8/3/2019 IBM Q & Ans

20/24

Users are informed about the new release and warned of possible short interruptions to service

during installation.

The new release is installed.

A master copy of all the software is stored in the DSL.

The CMDB is updated.

Service Level Management

Practical CaseThe management of "Cater Matters" has decided to implement Service Level Management adapting

the ITIL principles and recommendations to the needs of its organisation.

To carry out this task as efficiently as possible, a series of initial actions have been defined. These

are basically:

Appointing someone to manage the process.

Drawing up a catalogue of services.

Developing a comprehensive service quality plan.

Defining templates from which to create SLAs associated with the main services.

Service Level Manager

The management has appointed one of its more experienced executives accustomed to dealing with

customer relations to take the role of Service Level Manager.

His main function is to negotiate and agree on service delivery with customers, as the representative

of "Cater Matters".

His specific responsibilities include:

Preparing and maintaining an up-to-date catalogue of the services offered by "Cater Matters".

Determining the general structure of the SLAs, OLAs and UCs.

Negotiating SLAs, OLAs and UCs with customers and suppliers

Supervising fulfillment of the service delivery agreements with customers and suppliers.

Keeping the top management and IT organisation informed about the performance of the process.

Defining the service improvement plans resolving deficiencies in the quality of the services

delivered and/or adapting these services to new customer needs and the latest technological

advances.

Interacting with other IT processes to ensure that they all receive and contribution the necessaryinformation for the optimal functioning of the organisation.

Drawing up the Service Catalogue

"Cater Matters" decided to subdivide its service catalogue according to the different types of

customer contracting its services.

Private individuals.

Small businesses.

Large corporations and institutions and public bodies.

The purpose of the catalogue is not just to publicise the various services but also to show (potential)

customers clearly what the differences are between the options available on top of the basic service.

To do this, an online catalogue is developed allowing different versions to be compared and giving

an initial estimate of costs based on the different options selected.

The description of each service includes additional information about: Delivery times.

Availability of the service (holidays, night hours, etc.)

Auxiliary services.

Associated WebServices.

Applicable legislation.

Loyalty programmes.

Online support.

8/3/2019 IBM Q & Ans

21/24

Service Quality Plan

To ensure the quality of the service a SQP is developed, which defines:

The responsibility of each of the departments in the service delivery process.

Contingency plans in the event of serious deterioration of the quality of service.

Key indicators of performance and customer satisfaction.

Methods of supervision and real-time monitoring of the processes involved in delivering the service,

such as, for example, deliveries and supplying the goods. Protocols for the Service Desk's interaction with customers and users.

The levels of security, availability, capacity and redundancy necessary to ensure the correct

provision of the service in cooperation with the people in charge of these processes.

Prototype SLAs

In order to avoid the task of preparing SLAs becoming too complex and tedious, templates are

drawn up for different types of service and customer.

Each prototype SLA includes:

General, non-technical description of the services agreed.

People responsible for the agreement on both the customer's and the supplier's side.

Deadlines for delivery of the service.

Duration of the agreement and conditions for its renewal and/or cancellation.

Conditions of availability of the service.

Support and maintenance work associated.

Response times.

Recovery times in the event of incidents.

Contingency plans if applicable.

Charging and collection methods.

Criteria for evaluating the quality of the service.

IT Service Financial Management

Practical Case

The "Cater Matters" IT organisation has for several years been providing essential services both for

the organisation of the company and for external customers of its catering services.

However, to date, IT spending has not been registered on the accounts and budgeted specifically,and with the data currently available, it is impossible to know what impact IT services have on the

cost of each of the catering services provided.

The management of "Cater Matters" wants to develop a pricing policy for IT services that allows it to

pass on its costs to end users of the company's catering service, in the same way that it passes on

the cost of transport, raw materials, etc.

A senior manager from the IT department and a member of the company's finance department have

been appointed to manage this process.

The work plan for the near term includes:

In collaboration with Configuration Management, drawing up a list of all the CIs involved in

providing direct services to customers.

Evaluate the costs associated with their use, and sharing them out among the different services if

necessary, on a pro rata basis: depreciation, maintenance, consumables, etc. Evaluating the cost of staff and operating costs.

Estimating costs associated with IT services that are hidden or difficult to assign.

Evaluating indirect costs: installations, administrative costs, etc.

Establishing strict accounting criteria for the administration of IT costs.

Establishing a cost+margin pricing policy.

All these activities aim to define precisely the costs associated with the IT services already being

delivered and to propose rates that can be passed on to customers, either directly or as a part of

8/3/2019 IBM Q & Ans

22/24

general items.

However, the objectives of proactiveFinancial Management go further, and include the proper

planning of future expenses and investments. For this purpose, in collaboration with Service Level

Management, Capacity Management and Availability Management, the following points have been

studied:

Customer requirements and market trends.

The impact on costs and Service Improvement Programmes (SIP). Forecasts and future IT capacity needs.

The information compiled will be used as the basis for the preparation of the first "annual IT budgets"

prepared by Financial Management.

Capacity Management

Practical Case

Up until now, Capacity Management at "Cater Matters" has been reactive, or in other words,

capacity was increased or redistributed only when problems appeared.

With the increasing importance of IT services, both for the internal organisation of "Cater Matters"

and for its customers, the management has decided to implement ITIL best practice for Capacity

Management.

They have therefore appointed a Capacity Manager with the following main responsibilities:

Monitoring the performance of the IT infrastructure, paying special attention to online services, as

these are particularly important in providing a good service to customers.

Analysing, in conjunction with Configuration Management, the impact of the various CIs on the

system's capacity.

Evaluating, in conjunction with Service Level Management, the process, storage and bandwidth

loads the current and envisaged SLAs imply.

Evaluating, in conjunction with Financial Management, the real cost of each service.

Producing regular reports on the state of the relevant technology available for the services offered.

Analysing trends and statistics on the use and load on the system.

The results of this work should allow:

The preparation of an annual Capacity Plan which will be reviewed quarterly against the real data

obtained from monitoring of the system, together with the business forecasts. The Capacity Database (CDB) to be populated so that it contains all the information relating to

capacity.

Improvements to the service to be proposed.

With the aim of:

Minimising the number and impact of future incidents degrading the quality of service.

Rationalising the use of IT infrastructure capacity.

Reducing the cost of the IT infrastructure.

Increasing productivity and customer satisfaction.

IT Service Continuity Management

Practical Case

The IT organisation of "Cater Matters" currently lacks any IT Service Continuity Management worthy

of the name.The management of "Cater Matters" is aware of the importance that IT services have today for its

production and distribution and aims to rectify this situation.

The company's management considers that the IT services associated with stock management,

given that the stock consists of perishable products, and online ordering, are those of greatest

strategic importance. In the first instance they therefore decide that the ITSCM should guarantee the

continuity of these services within not more than 8 hours. Less ambitious targets are set for other

services.

8/3/2019 IBM Q & Ans

23/24

A senior executive from the IT department is given the role of managing the process and charged

with coordinating all the activities involved with Business Continuity Management.

Business Continuity Management has signed cooperation agreements with other catering

companies for emergency supplies to cover the company's most important customers:

Catering services for schools and hospitals.

Conferences and other large events.

In these cases, coordination requires the development of special modules allowing order databasesto be exported in standard data exchange formats so they can be processed by the other

organisation.

Additionally, an emergency stock management application has been developed to allow supplier

orders to be handled and ensure the integrity of existing stock is maintained, according to its expiry

information and the impact of the business interruption on the stock.

The following are also established:

A regular calendar of trials of the recovery plans.

A calendar of training courses on action protocols in emergency situations.

However, IT Service Continuity Management not only has to apply reactive measures to mitigate the

impact of a possible interruption to service. Its obligations also include the drafting of prevention

plans to avoid these situations arising.

To avoid interruptions to its online services the ITSCM:

Contracts collocation web hosting services with a provider that has connections through various

operators to the Internet backbone and can ensure an uninterrupted power supply.

Replicates critical systems at different geographical locations.

Supervises the policy of back-ups of the data servers.

Installs perimeter protection systems.

Availability Management

Practical Case

Availability 12/7 is a feature on which the customers of "Cater Matters" place great importance.

IT services play a small, although important, part in the services the organisation provides to its

customers and availability problems usually arise from processes that are not directly technology

related. However, an interruption to online services can represent a serious problem given the largevolume of orders received via this channel (almost all orders), and its importance for managing

stocks of raw materials.

Availability Management, in collaboration with the people responsible for the other IT processes has

been charged with drawing up new availability plans that take the rapid growth of the business into

account, which may entail 24/7 availability being needed for certain business lines.

Drawing up this new plan requires:

Revision of the UCs in effect with Internet service providers.

Definition of levels of availability for the new services.

Design for 24/7 availability of the IT services offered.

New management plans for maintenance requiring real interruptions to service.

Moreover, the management of "Cater Matters" has decided to regularly inform customers about the

levels of performance and availability of the various different services provided. To do so they havecharged Availability Management with implementing the procedures necessary to measure:

The time between incidents.

The time the service is down.

The time taken to respond to each incident.

The delay in service delivery.

This will be complemented by a module automatically performing statistical calculations and

generating reports on compliance with the levels of availability agreed with each customer.

8/3/2019 IBM Q & Ans

24/24

In this way, "Cater Matters" hopes to build a relationship of trust with its customers and keep the IT

organisation alert to any possible degradation of the level of quality of service.

Security Management

Practical Case

The management of "Cater Matters" is aware that an approach to security based solely on the

concept of "defending against attacks" does not meet the needs of the business.

It is important that customers of "Cater Matters" have up-to-date information about their orders,outstanding payments, etc. and this requires interaction with the company's ERP.

Clearly, this raises a number of additional security problems, as channels to the outside have to be

opened up from within the organisation's IT core.

The management of "Cater Matters" has decided to create a series of Web Services allowing access

to this information while preserving its confidentiality and integrity. This requires a review of the

Security Plan and the security sections of the SLAs in force.

As basic security measures:

The range of IPs which the service is able to access is limited. The service is only available from

authorised customer IP addresses.

Encryption protocols are implemented for the XML files exchanged.

Authentication is required in order to access the service.

Interaction with the application is monitored to detect possible outside attacks.

A log is kept of when, how and by whom the service is used.

A single input channel is authorised for the local services through the company's web servers.

A periodic evaluation of the service is proposed in order to detect vulnerabilities and adopt corrective

measures.

The objective is to offer a quality service with high levels of security so as to build customer loyalty at

a time or rapid development when the competition is just a click away.