-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
1/25
SyedJahanzaibPersonnelBlogtoShareKnowledge!
February17,2010
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]
Filedunder:GeneralITRelatedSyedJahanzaib/Pinochio~:)@6:33AMi5Votes
TechnicalInterviewQuestions(Part1/3)[Networking]
Edited&MaintainedbySYEDJAHANZAIB/[email protected]
1.WhatisanIPaddress?
2.Whatisasubnetmask?
3.WhatisARP?
4.WhatisARPCachePoisoning?
5.WhatistheANDingprocess?
6.Whatisadefaultgateway?WhathappensifIdonthaveone?
7.CanaworkstationcomputerbeconfiguredtobrowsetheInternetandyetNOThaveadefaultgateway?
8.Whatisasubnet?
9.WhatisAPIPA?
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
2/25
10.WhatisanRFC?Nameafewifpossible(notnecessarilythenumbers,justtheideasbehindthem)
11.WhatisRFC1918?
12.WhatisCIDR?
13.YouhavethefollowingNetworkID:192.115.103.64/27.WhatistheIPrangeforyournetwork?
14.YouhavethefollowingNetworkID:131.112.0.0.Youneedatleast500hostspernetwork.Howmanynetworkscanyoucreate?Whatsubnetmaskwillyouuse?
15.Youneedtoviewatnetworktraffic.Whatwillyouuse?Nameafewtools
16.HowdoIknowthepaththatapackettakestothedestination?
17.Whatdoestheping192.168.0.1l1000n100commanddo?
18.WhatisDHCP?Whatarethebenefitsanddrawbacksofusingit?
19.DescribethestepstakenbytheclientandDHCPserverinordertoobtainanIPaddress.
20.WhatistheDHCPNACKandwhendoIgetone?Name2scenarios.
21.WhatportsareusedbyDHCPandtheDHCPclients?
22.DescribetheprocessofinstallingaDHCPserverinanADinfrastructure.
23.WhatisDHCPINFORM?
24.DescribetheintegrationbetweenDHCPandDNS.
25.WhatoptionsinDHCPdoyouregularlyuseforanMSNetwork?
26.WhatareUserClassesandVendorClassesinDHCP?
27.HowdoIconfigureaclientmachinetouseaspecificUserClass?
28.WhatistheBOOTPprotocolusedfor,wheremightyoufinditinwindowsnetworkinfrastructure?
29.DNSzonesdescribethedifferencesbetweenthe4types.
30.DNSrecordtypesdescribethemostimportantones.
31.Describetheprocessofworkingwithanexternaldomainname
32.DescribetheimportanceofDNStoAD.
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
3/25
33.DescribeafewmethodsoffindinganMXrecordforaremotedomainontheInternet.
34.WhatdoesDisableRecursioninDNSmean?
35.WhatcouldcausetheForwardersandRootHintstobegrayedout?
36.WhatisaSingleLabeldomainnameandwhatsortofissuescanitcause?
37.Whatistheinaddr.arpazoneusedfor?
38.WhataretherequirementsfromDNStosupportAD?
39.HowdoyoumanuallycreateSRVrecordsinDNS?
40.Name3benefitsofusingADintegratedzones.
41.WhatarethebenefitsofusingWindows2003DNSwhenusingADintegratedzones?
42.YouinstalledanewADdomainandthenew(andfirst)DChasnotregistereditsSRVrecordsinDNS.Nameafewpossiblecauses.
43.WhatarethebenefitsandscenariosofusingStubzones?
44.WhatarethebenefitsandscenariosofusingConditionalForwarding?
45.WhatarethedifferencesbetweenWindowsClustering,NetworkLoadBalancingandRoundRobin,andscenariosforeachuse?
46.HowdoIworkwiththeHostnamecacheonaclientcomputer?
47.HowdoIcleartheDNScacheontheDNSserver?
48.Whatisthe224.0.1.24addressusedfor?
49.WhatisWINSandwhendoweuseit?
50.CanyouhaveaMicrosoftbasednetworkwithoutanyWINSserveronit?WhataretheconsiderationsregardingnotusingWINS?
51.DescribethedifferencesbetweenWINSpushandpullreplications.
52.WhatisthedifferencebetweentombstoningaWINSrecordandsimplydeletingit?
53.NametheNetBIOSnamesyoumightexpectfromaWindows2003DCthatisregisteredinWINS.
54.Describetheroleoftheroutingtableonahostandonarouter.
55.Whatareroutingprotocols?Whydoweneedthem?Nameafew.
56.Whatarerouterinterfaces?Whattypescantheybe?
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
4/25
57.InWindows2003routing,whataretheinterfacefilters?
58.WhatisNAT?
59.WhatistherealdifferencebetweenNATandPAT?
60.HowdoyouconfigureNATonWindows2003?
61.HowdoyouallowinboundtrafficforspecifichostsonWindows2003NAT?
62.WhatisVPN?WhattypesofVPNdoesWindows2000andbeyondworkwithnatively?
63.WhatisIAS?Inwhatscenariosdoweuseit?
64.WhatsthedifferencebetweenMixedmodeandNativemodeinADwhendealingwithRRAS?
65.WhatistheRASandIASgroupinAD?
66.WhatareConditionsandProfileinRRASPolicies?
67.WhattypesorauthenticationcanaWindows2003basedRRASworkwith?68.HowdoesSSLwork?
69.HowdoesIPSecwork?
70.HowdoIdeployIPSecforalargenumberofcomputers?
71.WhattypesofauthenticationcanIPSecuse?
72.WhatisPFS(PerfectForwardSecrecy)inIPSec?
73.HowdoImonitorIPSec?
74.LookingatIPSecencryptedtrafficwithasniffer.WhatpackettypesdoIsee?
75.WhatcanyoudowithNETSH?
76.HowdoIlookattheopenportsonmymachine?
ANSWERS
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
5/25
1)WhatisanIPaddress?
AnInternetProtocol(IP)addressisanumericallabelthatisassignedtodevicesparticipatinginacomputernetworkutilizingtheInternet
anIPaddressisa32bitnumberthatidentifieseachsenderorreceiverofinformationthatissentinpacketsacrossthelan/Internet.
AnIPaddresshastwoparts:theidentifierofaparticularnetworkontheInternetandanidentifieroftheparticulardevice(whichcanbeaserveroraworkstation)withinthatnetwork.OntheInternetitselfthatis,betweentherouterthatmovepacketsfromonepointtoanotheralongtherouteonlythenetworkpartoftheaddressislookedat.
2)Whatisasubnetmask?
AsubnetmaskallowsyoutoidentifywhichpartofanIPaddressisreservedforthenetwork,andwhichpartisavailableforhostuse.IfyoulookattheIPaddressalone,especiallynowwithclasslessinterdomainrouting,youcanttellwhichpartoftheaddressiswhich.Addingthesubnetmask,ornetmask,givesyoualltheinformationyouneedtocalculatenetworkandhostportionsoftheaddresswithease.Insummary,knowingthesubnetmaskcanallowyoutoeasilycalculatewhetherIPaddressesareon.Subnettingenablesthenetworkadministratortofurtherdividethehostpartoftheaddressintotwoormoresubnets.
3)WhatisARP?
ShortforAddressResolutionProtocol,anetworklayerprotocolusedtoconvertanIPaddressintoaphysicaladdress(calledaDLCaddress),suchasanEthernetaddress.AhostwishingtoobtainaphysicaladdressbroadcastsanARPrequestontotheTCP/IPnetwork.ThehostonthenetworkthathastheIPaddressintherequestthenreplieswithitsphysicalhardwareaddress.
ARPisaveryimportantpartofIPnetworking.ARPisusedtoconnectOSILayer3(Network)toOSILayer2(DataLink).Formostofus,thatmeansthatARPisusedtolinkourIPaddressingtoourEthernetaddressing(MACAddressing).Foryoutocommunicatewithanydeviceonyournetwork,youmusthavetheEthernetMACaddressforthatdevice.IfthedeviceisnotonyourLAN,yougothroughyourdefaultgateway(yourrouter).Inthiscase,yourrouterwillbethedestinationMACaddressthatyourPCwillcommunicatewith.
4)WhatisARPCachePoisoning?amethodofattackinganEthernetLANbyupdatingthetargetcomputersARPcachewithbothaforgedARPrequestandreplypacketsinanefforttochangetheLayer2EthernetMACaddress(i.e.,theaddressofthenetworkcard)toonethattheattackercanmonitor.BecausetheARPreplieshavebeenforged,thetargetcomputersendsframesthatweremeantfortheoriginaldestinationtotheattackerscomputerfirstsotheframescanberead.AsuccessfulAPRattemptisinvisibletotheuser.ARPcachepoisoning,alsoknownasARPspoofing,istheprocessoffalsifyingthesourceMediaAccessControl(MAC)addressesofpacketsbeingsentonanEthernetnetwork.ItisaMAClayerattackthatcanonlybecarriedoutwhenanattackerisconnectedtothesamelocalnetworkasthetargetmachines,limitingitseffectivenessonlytonetworksconnectedwithswitches,hubs,andbridges;notrouters.
5)WhatistheANDingprocess?
Inordertodeterminewhetheradestinationhostislocalorremote,acomputerwillperformasimple
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
6/25
mathematicalcomputationreferredtoasanANDoperation.Whilethesendinghostdoesthisoperationinternally,understandingwhattakesplaceisthekeytounderstandinghowanIPbasedsystemknowswhethertosendpacketsdirectlytoahostortoarouter.
NoticethatwhentheresultingANDvaluesareconvertedbacktobinary,itbecomesclearthatthetwohostsareondifferentnetworks.ComputerAisonsubnet192.168.56.0,whilethedestinationhostisonsubnet192.168.64.0,whichmeansthatComputerAwillnextbesendingthedatatoarouter.WithoutANDing,determininglocalandremotehostscanbedifficult.Onceyoureveryfamiliarwithsubnettingandcalculatingrangesofaddresses,recognizinglocalandremotehostswillbecomemuchmoreintuitive.Wheneveryoureindoubtastowhetherhostsarelocalorremote,usetheANDingprocess.YoushouldalsonoticethattheANDingprocessalwaysproducesthesubnetIDofagivenhost.
6)Whatisadefaultgateway?WhathappensifIdonthaveone?
AdefaultgatewayisusedbyahostwhenanIPpacketsdestinationaddressbelongstosomeplaceoutsidethelocalsubnet.ThedefaultgatewayaddressisusuallyaninterfacebelongingtotheLANsborderrouter.Incomputernetworking,adefaultnetworkgatewayisthedevicethatpassestrafficfromthelocalsubnettodevicesonothersubnets.ThedefaultgatewayoftenconnectsalocalnetworktotheInternet,althoughinternalgatewaysforconnectingtwolocalnetworksalsoexist.
7)CanaworkstationcomputerbeconfiguredtobrowsetheInternetandyetNOThaveadefaultgateway?
Ifweareusingpublicipaddress,wecanbrowsetheinternet.Ifitishavinganintranetaddressagatewayisneededasarouterorfirewalltocommunicatewithinternet.
8)Whatisasubnet?
Aportionofanetworkwhichsharesanetworkaddressinwhicheachcomponentisidentifiedbyasubnetnumber.Asubnetisalogicalorganizationofnetworkaddressrangesusedtoseparatehostsandnetworkdevicesfromeachothertoserveadesignpurpose.Inmanycases,subnetsarecreatedtoserveasphysicalorgeographicalseparationssimilartothosefoundbetweenrooms,floors,buildings,orcities.
9)WhatisAPIPA?
ShortforAutomaticPrivateIPAddressing,afeatureoflaterWindowsoperatingsystems.WithAPIPA,DHCPclientscanautomaticallyselfconfigureanIPaddressandsubnetmaskwhenaDHCPserverisntavailable.WhenaDHCPclientbootsup,itfirstlooksforaDHCPserverinordertoobtainanIPaddressandsubnetmask.Iftheclientisunabletofindtheinformation,itusesAPIPAtoautomaticallyconfigureitselfwithanIPaddressfromarangethathasbeenreservedespeciallyforMicrosoft.TheIPaddressrangeis169.254.0.1through169.254.255.254.TheclientalsoconfiguresitselfwithadefaultclassBsubnetmaskof255.255.0.0.AclientusestheselfconfiguredIPaddressuntilaDHCPserverbecomesavailable.
TheAPIPAservicealsochecksregularlyforthepresenceofaDHCPserver(everyfiveminutes,accordingtoMicrosoft).IfitdetectsaDHCPserveronthenetwork,APIPAstops,andtheDHCPserverreplacestheAPIPAnetworkingaddresseswithdynamicallyassignedaddresses.
APIPAismeantfornonroutedsmallbusinessenvironments,
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
7/25
usuallylessthan25clients.
10)WhatisanRFC?Nameafewifpossible(notnecessarilythenumbers,justtheideasbehindthem)
ShortforRequestforComments,aseriesofnotesabouttheInternet,startedin1969(whentheInternetwastheARPANET).AnInternetDocumentcanbesubmittedtotheIETFbyanyone,buttheIETFdecidesifthedocumentbecomesanRFC.Eventually,ifitgainsenoughinterest,itmayevolveintoanInternetstandard.EachRFCisdesignatedbyanRFCnumber.Oncepublished,anRFCneverchanges.ModificationstoanoriginalRFCareassignedanewRFCnumber.
11)WhatisRFC1918?
RFC1918isAddressAllocationforPrivateInternetsTheInternetAssignedNumbersAuthority(IANA)hasreservedthefollowingthreeblocksoftheIPaddressspaceforprivateinternets:10.0.0.010.255.255.255(10/8prefix)172.16.0.0172.31.255.255(172.16/12prefix)192.168.0.0192.168.255.255(192.168/16prefix)Wewillrefertothefirstblockas24bitblock,thesecondas20bitblock,andtothethirdas16bitblock.Notethat(inpreCIDRnotation)thefirstblockisnothingbutasingleclassAnetworknumber,whilethesecondblockisasetof16contiguousclassBnetworknumbers,andthirdblockisasetof256contiguousclassCnetworknumbers.
12)WhatisCIDR?
CIDR(ClasslessInterDomainRouting,sometimesknownassupernetting)isawaytoallocateandspecifytheInternetaddressesusedininterdomainroutingmoreflexiblythanwiththeoriginalsystemofInternetProtocol(IP)addressclasses.Asaresult,thenumberofavailableInternetaddresseshasbeengreatlyincreased.
13.YouhavethefollowingNetworkID:192.115.103.64/27.WhatistheIPrangeforyournetwork?
Itrangesfrom192.115.103.64192.115.103.96
Buttheusableaddressarefrom192.115.103.64192.115.103.94
192.115.103.95itisthebroadcastaddress192.115.103.96willbetheipaddressofnextrange
wecanuse30hostsinthisnetwork
14.YouhavethefollowingNetworkID:131.112.0.0.Youneedatleast500hostspernetwork.Howmanynetworkscanyoucreate?Whatsubnetmaskwillyouuse?
Ifyouneed500usersthen2^9thwouldgiveyou512(rememberthefirstandlastarenetworkandbroadcast),510usable.Soofyour32bitsyouwouldturnthelast9offforhostandthatwouldgiveyougiveyoua255.255.254.0subnetmask(11111111.11111111.11111110.00000000).Nowthatweknowthatwecanseethatyouhavethefirst7ofyourthirdoctetturnedonsotofigureouthowmanysubnetsyouhaveustheformula
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
8/25
2^7th=128.Soyoucanhave128subnetswith500peopleonthem.
15.Youneedtoviewatnetworktraffic.Whatwillyouuse?Nameafewtools
winsharkortcpdump,orethereal(availableinourfileserver)
16.HowdoIknowthepaththatapackettakestothedestination?
usetracertcommandline
17.Whatdoestheping192.168.0.1l1000n100commanddo?
Thepingcommandwillsendroundtrippacketstoadestination(otherPC,router,printer,etc.)andseehowlongittakes.The192.168.0.1isthedestination(which,bythewayisatypicaldefaultIPaddressofarouter.)Thel1000ishowbigthepacketshouldbeinbytes.Thedefaultis32,ifthelparameterisnotused.Andthen100issayingtosendit100times.Thedefaultis4,whenthisparameterisnotused.
18.WhatisDHCP?Whatarethebenefitsanddrawbacksofusingit?
Benefits:
1.DHCPminimizesconfigurationerrorscausedbymanualIPaddressconfiguration.
2.Reducednetworkadministration.
Disadvantage
YourmachinenamedoesnotchangewhenyougetanewIPaddress.TheDNS(DomainNameSystem)nameisassociatedwithyourIPaddressandthereforedoeschange.ThisonlypresentsaproblemifotherclientstrytoaccessyourmachinebyitsDNSname.
19.DescribethestepstakenbytheclientandDHCPserverinordertoobtainanIPaddress.
*AtleastoneDHCPservermustexistonanetwork.OncetheDHCPserversoftwareisinstalled,youcreateaDHCPscope,whichisapoolofIPaddressesthattheservermanages.Whenclientslogon,theyrequestanIPaddressfromtheserver,andtheserverprovidesanIPaddressfromitspoolofavailableaddresses.*DHCPwasoriginallydefinedinRFC1531(DynamicHostConfigurationProtocol,October1993)butthemostrecentupdateisRFC2131(DynamicHostConfigurationProtocol,March1997).TheIETFDynamicHostConfiguration(dhc)WorkingGroupischarteredtoproduceaprotocolforautomatedallocation,configuration,andmanagementofIPaddressesandTCP/IPprotocolstackparameters.
20.WhatistheDHCPNACKandwhendoIgetone?Name2scenarios.
RecentlyIsawalotofqueriesregardingwhentheMicrosoftDHCPserverissuesaNAKtoDHCPclients.Forsimplificationpurposes,IamlistingdownthepossiblescenariosinwhichtheservershouldNOTissueaNAK.ThisshouldgiveyouagoodunderstandingofDHCPNAKbehavior.WhenaDHCPserverreceivesaDHCPRequestwithapreviouslyassignedaddressspecified,itfirstcheckstoseeifitcamefromthelocalsegmentbycheckingtheGIADDRfield.Ifitoriginatedfromthelocalsegment,the
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
9/25
DHCPservercomparestherequestedaddresstotheIPaddressandsubnetmaskbelongingtothelocalinterfacethatreceivedtherequest.DHCPserverwillissueaNAKtotheclientONLYIFitissurethattheclient,onthelocalsubnet,isaskingforanaddressthatdoesntexistonthatsubnet.TheserverwillsendaNAKEXCEPTinthefollowingscenarios:
1.Requestedaddressfrompossiblythesamesubnetbutnotintheaddresspooloftheserver:Thiscanbethefailoverscenarioinwhich2DHCPserversareservingthesamesubnetsothatwhenonegoesdown,theothershouldnotNAKtoclientswhichgotanIPfromthefirstserver.
2.Requestedaddressonadifferentsubnet:IftheAddressisfromthesamesuperscopetowhichthesubnetbelongs,DHCPserverwillACKtheREQUEST.
21.WhatportsareusedbyDHCPandtheDHCPclients?
RequestsareonUDPport68,ServerrepliesonUDP67
22.DescribetheprocessofinstallingaDHCPserverinanADinfrastructure.
UseAdd/Removeprogramwizard...
23.WhatisDHCPINFORM?
DHCPInformisaDHCPmessageusedbyDHCPclientstoobtainDHCPoptions.WhilePPPremoteaccessclientsdonotuseDHCPtoobtainIPaddressesfortheremoteaccessconnection,Windows2000andWindows98remoteaccessclientsusetheDHCPInformmessagetoobtainDNSserverIPaddresses,WINSserverIPaddresses,andaDNSdomainname.TheDHCPInformmessageissentaftertheIPCPnegotiationisconcluded.TheDHCPInformmessagereceivedbytheremoteaccessserveristhenforwardedtoaDHCPserver.TheremoteaccessserverforwardsDHCPInformmessagesonlyifithasbeenconfiguredwiththeDHCPRelayAgent..
24.DescribetheintegrationbetweenDHCPandDNS.
Traditionally,DNSandDHCPservershavebeenconfiguredandmanagedoneatatime.Similarly,changingauthorizationrightsforaparticularuseronagroupofdeviceshasmeantvisitingeachoneandmakingconfigurationchanges.DHCPintegrationwithDNSallowstheaggregationofthesetasksacrossdevices,enablingacompanysnetworkservicestoscaleinstepwiththegrowthofnetworkusers,devices,andpolicies,whilereducingadministrativeoperationsandcosts.
Thisintegrationprovidespracticaloperationalefficienciesthatlowertotalcostofownership.CreatingaDHCPnetworkautomaticallycreatesanassociatedDNSzone,forexample,reducingthenumberoftasksrequiredofnetworkadministrators.AndintegrationofDNSandDHCPinthesamedatabaseinstanceprovidesunmatchedconsistencybetweenserviceandmanagementviewsofIPaddresscentricnetworkservicesdata.
25.WhatoptionsinDHCPdoyouregularlyuseforanMSnetwork?
AutomaticprovidingIPaddress
Subnetmask
DNSserver
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
10/25
Domainname
Defaultgetawayorrouter
26.WhatareUserClassesandVendorClassesinDHCP?
MicrosoftVendorClassesThefollowinglistcontainspredefinedvendorclassesthatareavailableinWindows2000DHCPserver.
ClassDataClassNameDescriptionMSFT5.0MicrosoftWindows2000optionsClassthatincludesallWindows2000DHCPclients.MSFT98MicrosoftWindows98optionsClassthatincludesallWindows98andMicrosoftWindowsMillenniumEdition(Me)DHCPclients.MSFTMicrosoftoptionsClassthatincludesallWindows98,WindowsMe,andWindows2000DHCPclients.IfyouhavenonMicrosoftDHCPclients,youcandefineothervendorspecificclassesontheDHCPserver.Whenyoudefinesuchclasses,makesurethevendorclassidentifierthatyoudefinematchestheidentifierusedbytheclients.
UserClasses
ThefollowinglistcontainspredefineduserclassesthatareavailableinWindows2000DHCPserver.
CollapsethistableExpandthistable
ClassIDClassTypeDescriptionUnspecifiedDefaultuserclassAllDHCPclientsthathavenouserclassspecified.RRAS.MicrosoftDefaultRoutingandRemoteAccessclassAllDialUpNetworking(DUN)clients.BootpDefaultBootpclassAllBootpclients
Inadditiontothesepredefinedclasses,youcanalsoaddcustomuserclassesforWindows2000DHCPclients.Whenyouconfiguresuchclasses,youmustspecifyacustomidentifierthatcorrespondstotheuserclassdefinedontheDHCPserver.
27.HowdoIconfigureaclientmachinetouseaspecificUserClass?
Thecommandtoconfigureaclientmachinetouseaspecificuserclassis
ipconfig/setclassid
Eg:
ipconfig/setclassidLocalAreaNetworkAccounting
28.WhatistheBOOTPprotocolusedfor,wheremightyoufinditinWindowsnetworkinfrastructure?
BootP(RFC951)provides
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
11/25
*auniqueIPaddresstotherequester(usingport67)similartotheDHCPrequestonport68AND*canprovide(wheresupported)theabilitytobootasystemwithoutaharddrive(ie:adisklessclient)
AppleOSX10.*ServersupportsBootP(albeit)renamedasNetBoot.ThefacilityallowstheAdmintomaintainaselectedsetofconfigurationsasbootimagesandthenassignsetsofclientsystemstoshare(orbootfrom)thatimage.ForexampleAccounting,Management,andEngineeringdepartmentshaveelementsincommon,butwhichcanbeuniquefromotherdepartments.Performingupgradesandmaintenanceonthreeimagesisfarmoreproductivethatworkingonallclientsystemsindividually.
Startupisobviouslynetworkintensive,andbeyond4050clients,theAdminneedstocarefullysubnettheinfrastructure,usegigabitswitches,andhosttheimageslocaltotheclientstoavoidsaturatingthenetwork.ThiswillexpandthenumberofBootPserversandmultiplythenumberofimages,buttheproductivityof1BootPserverper50clientsisundeniable
Sunmicro,Linux,andAIXRS/600allsupportBootP.
Todate,Windowsdoesnotsupportbootingdisklessclients.
29.DNSzonesdescribethedifferencesbetweenthe4types.
Dnszoneisactualfilewhichcontainsalltherecordsforaspecificdomain.
i)ForwardLookupZones:
Thiszoneisresponsibletoresolvehostnametoip.
ii)ReverseLookupZones:
Thiszoneisresponsibletoresolveiptohostname.
iii)StubZone:
Stubzoneisreadonlycopyofprimaryzone.butitcontainsonly3recordsviz
theSOAfortheprimaryzone,NSrecordandaHost(A)record.
30.DNSrecordtypesdescribethemostimportantones.TypeofRecordWhatitdoes
A(Host)Classicresourcerecord.MapshostnametoIP(ipv4)
PTRMapsIPtohostname(ReverseofA(Host)
AAAAMapshostnametoip(ipv6)
CnameCanonicalname,inplainEnglishanalias.suchasWebServer,FTPServer,ChatServer
NSIdentifiesDNSnameservers.Importantforforwarders
MXMailservers,particularlyforotherdomains.MXrecordsrequiredtodeliverinternetemail.
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
12/25
_SRVRequiredforActiveDirectory.Wholefamilyofunderscoreservice,records,forexample,gc=globalcatalog.
SOAMakeapointoffindingtheStartofAuthority(SOA)tabattheDNSServer.
31.Describetheprocessofworkingwithanexternaldomainname
ServingSiteswithExternalDomainNameServers,IfyouhostWebsitesonthisserverandhaveastandaloneDNSserveractingasaprimary(master)nameserverforyoursites,youmaywanttosetupyourcontrolpanelsDNSservertofunctionasasecondary(slave)nameserver:
TomakethecontrolpanelsDNSserveractasasecondarynameserver:
1.GotoDomains>domainname>DNSSettings(intheWebSitegroup).2.ClickSwitchDNSServiceMode.3.SpecifytheIPaddressoftheprimary(master)DNSserver.4.ClickAdd.5.Repeatstepsfrom1to5foreachWebsitethatneedstohaveasecondarynameserveronthismachine.
TomakethecontrolpanelsDNSserveractasaprimaryforazone:
1.GotoDomains>domainname>DNSSettings(intheWebSitegroup).2.ClickSwitchDNSServiceMode.Theoriginalresourcerecordsforthezonewillberestored.
IfyouhostWebsitesonthisserverandrelyentirelyonothermachinestoperformtheDomainNameServiceforyoursites(therearetwoexternalnameserversaprimaryandasecondary),switchoffthecontrolpanelsDNSserviceforeachsiteservedbyexternalnameservers.
ToswitchoffthecontrolpanelsDNSserviceforasiteservedbyanexternalnameserver:
1.GotoDomains>domainname>DNSSettings(intheWebSitegroup).2.ClickSwitchOfftheDNSServiceintheToolsgroup.TurningtheDNSserviceoffforthezonewillrefreshthescreen,sothatonlyalistofnameserversremains.
Note:Thelistednameserverrecordshavenoeffectonthesystem.Theyareonlypresentedonthescreenasclickablelinkstogiveyouachancetovalidatetheconfigurationofthezonemaintainedontheexternalauthoritativenameservers.
1.Repeatthestepsfrom1to3toswitchoffthelocaldomainnameserviceforeachsiteservedbyexternalnameservers.
Ifyouwishtovalidatetheconfigurationofazonemaintainedonauthoritativenameservers:
1.GotoDomains>domainname>DNSSettings(intheWebSitegroup).2.Addtothelisttheentriespointingtotheappropriatenameserversthatareauthoritativeforthezone:clickAdd,specifyanameserver,andclickOK.Repeatthisforeachnameserveryouwouldliketotest.Therecordswillappearinthelist.
1.Clicktherecordsthatyouhavejustcreated.ParallelsPleskPanelwillretrievethezonefilefroma
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
13/25
remotenameserverandchecktheresourcerecordstomakesurethatdomainsresourcesareproperlyresolved.
Theresultswillbeinterpretedanddisplayedonthescreen.
32.DescribetheimportanceofDNStoAD.
WhenyouinstallActiveDirectoryonaserver,youpromotetheservertotheroleofadomaincontrollerforaspecifieddomain.Whencompletingthisprocess,youarepromptedtospecifyaDNSdomainnamefortheActiveDirectorydomainforwhichyouarejoiningandpromotingtheserver.Ifduringthisprocess,aDNSserverauthoritativeforthedomainthatyouspecifiedeithercannotbelocatedonthenetworkordoesnotsupporttheDNSdynamicupdateprotocol,youarepromptedwiththeoptiontoinstallaDNSserver.ThisoptionisprovidedbecauseaDNSserverisrequiredtolocatethisserverorotherdomaincontrollersformembersofanActiveDirectorydomain
33.DescribeafewmethodsoffindinganMXrecordforaremotedomainontheInternet.
InordertofindMXRecordsforSMTPdomainsyoucanuseCommandlinetoolssuchasNSLOOKUPorDIG.Youcanalsouseonlinewebservicesthatallowyoutoperformquicksearchesanddisplaytheinformationinaconvenientmanner.
34.WhatdoesDisableRecursioninDNSmean?
IntheWindows2000/2003DNSconsole(dnsmgmt.msc),underaserversProperties>ForwarderstabisthesettingDonotuserecursionforthisdomain.OntheAdvancedtabyouwillfindtheconfusinglysimilaroptionDisablerecursion(alsodisablesforwarders).
RecursionreferstotheactionofaDNSserverqueryingadditionalDNSservers(e.g.localISPDNSortherootDNSservers)toresolvequeriesthatitcannotresolvefromitsowndatabase
35.WhatcouldcausetheForwardersandRootHintstobegrayedout?
Win2KconfiguredyourDNSserverasaprivaterootserver
36.WhatisaSingleLabeldomainnameandwhatsortofissuescanitcause?
Singlelabelnamesconsistofasinglewordlikecontoso.SinglelabelDNSnamescannotberegisteredbyusinganInternetregistrar.ClientcomputersanddomaincontrollersthatjoinedtosinglelabeldomainsrequireadditionalconfigurationtoynamicallyregisterDNSrecordsinsinglelabelDNSzones.ClientcomputersanddomaincontrollersmayrequireadditionalconfigurationtoresolveDNSqueriesinsinglelabelDNSzones.Bydefault,WindowsServer2003baseddomainmembers,WindowsXPbaseddomainmembers,andWindows2000baseddomainmembersdonotperformdynamicupdatestosinglelabelDNSzones.Someserverbasedapplicationsareincompatiblewithsinglelabeldomainnames.Applicationsupportmaynotexistintheinitialreleaseofanapplication,orsupportmaybedroppedinafuturerelease.Forexample,MicrosoftExchangeServer2007isnotsupportedinenvironmentsinwhichsinglelabelDNSisused.SomeserverbasedapplicationsareincompatiblewiththedomainrenamefeaturethatissupportedinWindowsServer2003domaincontrollersandinWindowsServer2008domaincontrollers.TheseincompatibilitieseitherblockorcomplicatetheuseofthedomainrenamefeaturewhenyoutrytorenameasinglelabelDNSnametoafullyqualifieddomainname.
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
14/25
37.Whatistheinaddr.arpazoneusedfor?
WhencreatingDNSrecordsforyourhosts,Arecordsmakesense.Afterall,howcantheworldfindyourmailserverunlesstheIPaddressofthatserverisassociatedwithitshostnamewithinaDNSdatabase?However,PTRrecordsarentaseasilyunderstood.Ifyoualreadyhaveazonefile,whydoestherehavetobeaseparateinaddr.arpazonecontainingPTRrecordsmatchingyourArecords?AndwhoshouldbemakingthosePTRrecordsyouoryourprovider?Letsstartbydefininginaddr.arpa..arpaisactuallyaTLDlike.comor.org.ThenameoftheTLDcomesfromAddressandRoutingParameterAreaandithasbeendesignatedbytheIANAtobeusedexclusivelyforInternetinfrastructurepurposes.Inotherwords,itisanimportantzoneandanintegralpartoftheinnerworkingsofDNS.TheRFCforDNS(RFC1035)hasanentiresectionontheinaddr.arpadomain.Thefirsttwoparagraphsinthatsectionstatethepurposeofthedomain:TheInternetusesaspecialdomaintosupportgatewaylocationandInternetaddresstohostmapping.Otherclassesmayemployasimilarstrategyinotherdomains.Theintentofthisdomainistoprovideaguaranteedmethodtoperformhostaddresstohostnamemapping,andtofacilitatequeriestolocateallgatewaysonaparticularnetworkintheInternet.Notethatbothoftheseservicesaresimilartofunctionsthatcouldbeperformedbyinversequeries;thedifferenceisthatthispartofthedomainnamespaceisstructuredaccordingtoaddress,andhencecanguaranteethattheappropriatedatacanbelocatedwithoutanexhaustivesearchofthedomainspace.Inotherwords,thiszoneprovidesadatabaseofallallocatednetworksandtheDNSreachablehostswithinthosenetworks.Ifyourassignednetworkdoesnotappearinthiszone,itappearstobeunallocated.AndifyourhostsdonthaveaPTRrecordinthisdatabase,theyappeartobeunreachablethroughDNS.AssuminganArecordexistsforahost,amissingPTRrecordmayormaynotimpactontheDNSreachabilityofthathost,dependingupontheapplicationsrunningonthathost.Forexample,amailserverwilldefinitelybeimpactedasPTRrecordsareusedinmailheaderchecksandbymostantiSPAMmechanisms.Dependinguponyourwebserverconfiguration,itmayalsodependuponanexistingPTRrecord.ThisiswhytheDNSRFCsrecommendthateveryArecordhasanassociatedPTRrecord.ButwhoshouldmakeandhostthosePTRrecords?TwentyyearsagowhenyoucouldbuyafullClassCnetworkaddress(i.e.254hostaddresses)theanswerwaseasy:you.Remember,theinaddr.arpazoneisconcernedwithdelegatednetworkaddresses.Inotherwords,theownerofthenetworkaddressisauthoritative(i.e.responsible)forthehostPTRrecordsassociatedwiththatnetworkaddressspace.Ifyouonlyownoneortwohostaddresseswithinanetworkaddressspace,theprovideryoupurchasedthoseaddressesfromneedstohostyourPTRrecordsastheprovideristheownerof(i.e.authoritativefor)thenetworkaddress.ThingsareabitmoreinterestingifyouhavebeendelegatedaCIDRblockofaddresses.Theinaddr.arpazoneassumesaclassfuladdressingschemewhereaClassAaddressisoneoctet(or/8),aClassBis2octets(or/16)andaClassCis3octets(or/24).CIDRallowsfordelegatingaddressspaceoutsideoftheseboundariessaya/19ora/28.RFC2317providesabestcurrentpracticeformaintaininginaddr.arpawiththesetypesofnetworkallocations.HereisasummaryregardingPTRrecords:DontwaituntiluserscomplainaboutDNSunreachabilitybeproactiveandensurethereisanassociatedPTRrecordforeveryArecord.IfyourproviderhostsyourArecords,theyshouldalsohostyourPTRrecords.IfyouonlyhaveoneortwoassignedIPaddresses,yourprovidershouldhostyourPTRrecordsastheyareauthoritativeforthenetworkthosehostsbelongto.Ifyouownanentirenetworkaddress(e.g.aClassCaddressendingin0),youareresponsibleforhostingyourPTRrecords.IfyouareconfiguringaninternalDNSserverwithintheprivateaddressranges(e.g.10.0.0.0or192.168.0.0),youareresponsibleforyourowninternalPTRrecords.Remember:thekeytoPTRhostingisknowingwhoisauthoritativeforthenetworkaddressforyourdomain.Whenindoubt,itprobablyisnotyou.
38.WhataretherequirementsfromDNStosupportAD?WhenyouinstallActiveDirectoryonamemberserver,thememberserverispromotedtoadomaincontroller.ActiveDirectoryusesDNSasthelocationmechanismfordomaincontrollers,enablingcomputersonthenetworktoobtainIPaddressesofdomaincontrollers.Duringtheinstallationof
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
15/25
ActiveDirectory,theservice(SRV)andaddress(A)resourcerecordsaredynamicallyregisteredinDNS,whicharenecessaryforthesuccessfulfunctionalityofthedomaincontrollerlocator(Locator)mechanism.Tofinddomaincontrollersinadomainorforest,aclientqueriesDNSfortheSRVandADNSresourcerecordsofthedomaincontroller,whichprovidetheclientwiththenamesandIPaddressesofthedomaincontrollers.Inthiscontext,theSRVandAresourcerecordsarereferredtoasLocatorDNSresourcerecords.Whenaddingadomaincontrollertoaforest,youareupdatingaDNSzonehostedonaDNSserverwiththeLocatorDNSresourcerecordsandidentifyingthedomaincontroller.Forthisreason,theDNSzonemustallowdynamicupdates(RFC2136)andtheDNSserverhostingthatzonemustsupporttheSRVresourcerecords(RFC2782)toadvertisetheActiveDirectorydirectoryservice.FormoreinformationaboutRFCs,seeDNSRFCs.IftheDNSserverhostingtheauthoritativeDNSzoneisnotaserverrunningWindows2000orWindowsServer2003,contactyourDNSadministratortodetermineiftheDNSserversupportstherequiredstandards.Iftheserverdoesnotsupporttherequiredstandards,ortheauthoritativeDNSzonecannotbeconfiguredtoallowdynamicupdates,thenmodificationisrequiredtoyourexistingDNSinfrastructure.
39.HowdoyoumanuallycreateSRVrecordsinDNS?thisisonwindowsserver
gotorun>dnsmgmt.msc
rightclickonthezoneyouwanttoaddsrvrecordtoandchooseothernewrecordandchooseservicelocation(srv)..
40.Name3benefitsofusingADintegratedzones.
1.youcangiveeasynameresolutiontourclients.
2.BycreatingADintegratedzoneyoucanalsotracehackerandspammerbycreatingreversezone.
3.ADintegratedzonedallforincrementalzonetransferswhichontransferchangesandnottheentirezone.Thisreduceszonetransfertraffic.
4.ADIntegratedzonessuportbothsecureanddmanicupdates.
5.ADintegratedzonesarestoredaspartoftheactivedirectoryandsupportdomainwideorforestwidereplicationthroughapplicationpertitionsinAD.
41.WhatarethebenefitsofusingWindows2003DNSwhenusingADintegratedzones?
Advantages:
DNSsupportsDynamicregistrationofSRVrecordsregisteredbyaActiveDirectoryserveroradomaincontrollerduringpromotion.WiththehelpofSRVrecordsclientmachinescanfinddomaincontrollersinthenetwork.
1.DNSsupportsSecureDynamicupdates.Unauthorizedaccessisdenied.
2.ExchangeserverneedsinternalDNSorADDNStolocateGlobalCatalogservers.
3.ActiveDirectoryIntegratedZone.Ifyouhavemorethanonedomaincontroller(recommended)youneednotworryaboutzonereplication.ActiveDirectoryreplicationwilltakecareofDNSzonereplicationalso.
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
16/25
4.IfyournetworkuseDHCPwithActiveDirectorythennootherDHCPwillbeabletoserviceclientrequestscomingfromdifferentnetwork.ItisbecauseDHCPserverisauthorizedinADandwillbetheonlyservertoparticipateonnetworktoprovideIPAddressinformationtoclientmachines.
5.Moreover,youcanuseNT4DNSwithServicePack4orlater.ItsupportsbothSRVrecordregistrationandDynamicUpdates.
UsingMicrosoftDNSgivesthefollowingbenefits:Ifyouimplementnetworksthatrequiresecureupdates.IfyouwanttotakebenefitofActiveDirectoryreplication.IfyouwanttointegrateDHCPwithDNSforLowlevelclientstoregistertheirHostrecordsinZonedatabase.
42.YouinstalledanewADdomainandthenew(andfirst)DChasnotregistereditsSRVrecordsinDNS.Nameafewpossiblecauses.
ThemachinecannotbeconfiguredwithDNSclientherownTheDNSservicecannotberun
43.WhatarethebenefitsandscenariosofusingStubzones?
OneofthenewfeaturesintroducedintheWindowsServer2003basedimplementationofDNSarestubzones.Itsmainpurposeistoprovidenameresolutionindomains,forwhichalocalDNSserverisnotauthoritative.Thestubzonecontainsonlyafewrecords:
StartofAuthority(SOA)recordpointingtoaremoteDNSserverthatisconsideredtobethebestsourceofinformationaboutthetargetDNSdomain,oneormoreNameServer(NS)records(includingtheentryassociatedwiththeSOArecord),whichareauthoritativefortheDNSdomainrepresentedbythestubzone,correspondingArecordsforeachoftheNSentries(providingIPaddressesoftheservers).Whileyoucanalsoprovidenameresolutionforaremotedomainbyeithercreatingasecondaryzone(whichwasacommonapproachinWindowsServer2000DNSimplementation)ordelegation(whendealingwithacontiguousnamespace),suchapproachforcesperiodiczonetransfers,whicharenotneededwhenstubzonesareused.NecessitytotraversenetworkinordertoobtainindividualrecordshostedontheremoteNameServersismitigatedtosomeextentbycachingprocess,whichkeepsthemonthelocalserverforthedurationoftheirTimetoLive(TTL)parameter.Inaddition,recordsresidinginastubzoneareperiodicallyvalidatedandrefreshedinordertoavoidlamedelegations.
44.WhatarethebenefitsandscenariosofusingConditionalForwarding?
45.WhatarethedifferencesbetweenWindowsClustering,NetworkLoadBalancingandRoundRobin,andscenariosforeachuse?
Iwillmakeafewassumptionshere:
1)ByWindowsClusteringNetworkLoadBalancingyoumeanWindowsNetworkLoadBalancingsoftwareincludedinWindowsServersoftwarea.k.aNLB.,and2)ByRoundRobin,youmeanDNSRoundRobinmeaningtheabsenceofasoftwareorhardwareloadbalancingdevice,ortheconceptoftheRoundRobinalgorithmavailableinjustabouteveryloadbalancingsolution.
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
17/25
MicrosoftNLBisdesignedforasmallnumber(46)ofWindowsServersandalowtomoderatenumberofnewconnectionspersecond,toprovidedistributionofwebserverrequeststomultipleserversinavirtualresourcepool.Somewouldcallthisacluster,buttherearesuttledifferencesbetweenaclusteredgroupofdevicesandamorelooselyconfiguredvirtualpool.Fromthestandpointofscalabilityandperformance,almostallhardwareloadbalancingsolutionsaresuperiortothisandotherlessknownsoftwareloadbalancingsolutions[e.g.BrightTigercirca1998].
DNSRoundRobinisaninherentloadbalancingmethodbuiltintoDNS.WhenyouresolveanIPaddressthathasmorethanoneArecord,DNShandsoutdifferentresolutionstodifferentrequestinglocalDNSservers.Althoughthereareseveralfactorseffectingtheexactresultingalgorithm(e.g.DNScaching,TTL,multipleDNSservers[authoritativeorcached]),IstressthetermroughlywhenIsayitroughlyresultsinanevendistributionofresolutionstoeachoftheaddressesspecifiedforaparticularURL.Itdoesnothowever,consideravailability,performance,oranyothermetricandiscompletelystatic.ThebasicRRalgorithmisavailableinmanysoftwareandhardwareloadbalancingsolutionsandsimplyhandsthenextrequesttothenextresourceandstartsbackatthefirstresourcewhenithitsthelastone.
NLBisbasedonproprietarysoftware,meantforsmallgroupsofWindowsserversonlyonprivatenetworks,andisdynamicinnature(takesintoaccountavailabilityofaserver,andinsomecasesperformance).RoundRobin,DNSorotherwise,ismoregeneric,staticinnature(doesnottakeintoaccountanythingbuttheresourceisamemberoftheresourcepoolandeachmemberisequal),andrangesfromDNStothedefaultstaticloadbalancingmethodoneveryhardwaredeviceinthemarket.
46.HowdoIworkwiththeHostnamecacheonaclientcomputer?
47.HowdoIcleartheDNScacheontheDNSserver?Tocleartheservernamescache
*UsingtheWindowsinterface
*Usingacommandline
UsingtheWindowsinterface
1.OpenDNS.
2.Intheconsoletree,clicktheapplicableDNSserver.
Where?
*DNS/applicableDNSserver
3.OntheActionmenu,clickClearCache.
Notes
*Toperformthisprocedure,youmustbeamemberoftheAdministratorsgrouponthelocalcomputer,oryoumusthavebeendelegatedtheappropriateauthority.Ifthecomputerisjoinedtoadomain,membersoftheDomainAdminsgroupmightbeabletoperformthisprocedure.Asasecuritybestpractice,considerusingRunastoperformthisprocedure.
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
18/25
*ToopenDNS,clickStart,clickControlPanel,doubleclickAdministrativeTools,andthendoubleclickDNS.
Usingacommandline
1.OpenCommandPrompt.
2.TypethefollowingcommandandthenpressENTER:
DnscmdServerName/clearcache
48.Whatisthe224.0.1.24addressusedfor?
WINSservergroupaddress.UsedtosupportautodiscoveryanddynamicconfigurationofreplicationforWINSservers.Formoreinformation,seeWINSreplicationoverviewWINSservergroupaddress.UsedtosupportautodiscoveryanddynamicconfigurationofreplicationforWINSservers.
49.WhatisWINSandwhendoweuseit?
IntheWindowsServerfamily,theprimarymeansforclientcomputertolocateandcommunicatewithothercomputersonanInternetProtocol(IP)networkisbyusingDomainNameSystem(DNS).However,clientsthatuseolderversionsofWindows,suchasWindowsNT4.0,usenetworkbasicI/Osystem(NetBIOS)namesfornetworkcommunication.SomeapplicationsthatrunonWindowsServer2003mayalsouseNetBIOSnamesfornetworkcommunication.UsingNetBIOSnamesrequiresamethodofresolvingNetBIOSnamestoIP.UsingaWINSserverisessentialforanyWindowsclientcomputertoworkwithotherWindowscomputersovertheInternet.Inaddition,usingaWINSserverisessentialforanyWindowsclientcomputeratIndianaUniversitythatintendstouseMicrosoftnetworkresources.TouseWINSservices,youmustinsertintoyourTCP/IPnetworkingconfigurationtheIPaddressoftheWINSserversyouwishtouse.
50.CanyouhaveaMicrosoftbasednetworkwithoutanyWINSserveronit?WhataretheconsiderationsregardingnotusingWINS?
51.DescribethedifferencesbetweenWINSpushandpullreplications.
ToreplicatedatabaseentriesbetweenapairofWINSservers,youmustconfigureeachWINSserverasapullpartner,apushpartner,orbothwiththeotherWINSserver.
*ApushpartnerisaWINSserverthatsendsamessagetoitspullpartners,notifyingthemthatithasnewWINSdatabaseentries.WhenaWINSserverspullpartnerrespondstothemessagewithareplicationrequest,theWINSserversends(pushes)copiesofitsnewWINSdatabaseentries(alsoknownasreplicas)totherequestingpullpartner.*ApullpartnerisaWINSserverthatpullsWINSdatabaseentriesfromitspushpartnersbyrequestinganynewWINSdatabaseentriesthatthepushpartnershave.ThepullpartnerrequeststhenewWINSdatabaseentriesthathaveahigherversionnumberthanthelastentrythepullpartnerreceivedduringthemostrecentreplication.
52.WhatisthedifferencebetweentombstoningaWINSrecordandsimplydeletingit?
SimpledeletionremovestherecordsthatareselectedintheWINSconsoleonlyfromthelocalWINSserveryouarecurrentlymanaging.IftheWINSrecordsdeletedinthiswayexistinWINSdatareplicatedtootherWINSserversonyournetwork,theseadditionalrecordsarenotfullyremoved.
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
19/25
Also,recordsthataresimplydeletedononlyoneservercanreappearafterreplicationbetweentheWINSserverwheresimpledeletionwasusedandanyofitsreplicationpartners.Tombstoningmarkstheselectedrecordsastombstoned,thatis,markedlocallyasextinctandimmediatelyreleasedfromactiveusebythelocalWINSserver.Thismethodallowsthetombstonedrecordstoremainpresentintheserverdatabaseforpurposesofsubsequentreplicationoftheserecordstootherservers.Whenthetombstonedrecordsarereplicated,thetombstonestatusisupdatedandappliedbyotherWINSserversthatstorereplicatedcopiesoftheserecords.EachreplicatingWINSserverthenupdatesandtombstones
53.NametheNetBIOSnamesyoumightexpectfromaWindows2003DCthatisregisteredinWINS.
54.Describetheroleoftheroutingtableonahostandonarouter.
Duringtheprocessofrouting,decisionsofhostsandroutersareaidedbyadatabaseofroutesknownastheroutingtable.Theroutingtableisnotexclusivetoarouter.Dependingontheroutableprotocol,hostsmayalsohavearoutingtablethatmaybeusedtodecidethebestrouterforthepackettobeforwarded.HostbasedroutingtablesareoptionalfortheInternetProtocol,aswellasobsoleteroutableprotocolssuchasIPX.
55.Whatareroutingprotocols?Whydoweneedthem?Nameafew.
Aroutingprotocolisaprotocolthatspecifieshowrouterscommunicatewitheachother,disseminatinginformationthatenablesthemtoselectroutesbetweenanytwonodesonacomputernetwork,thechoiceoftheroutebeingdonebyroutingalgorithms.Eachrouterhasapriorknowledgeonlyofnetworksattachedtoitdirectly.Aroutingprotocolsharesthisinformationfirstamongimmediateneighbors,andthenthroughoutthenetwork.Thisway,routersgainknowledgeofthetopologyofthenetwork.Foradiscussionoftheconceptsbehindroutingprotocols,see:Routing.
ThetermroutingprotocolmayreferspecificallytooneoperatingatlayerthreeoftheOSImodel,whichsimilarlydisseminatestopologyinformationbetweenrouters.
ManyroutingprotocolsusedinthepublicInternetaredefinedindocumentscalledRFCs.[1][2][3][4]
Althoughtherearemanytypesofroutingprotocols,twomajorclassesareinwidespreaduseintheInternet:linkstateroutingprotocols,suchasOSPFandISIS;andpathvectorordistancevectorprotocols,suchasBGP,RIPandEIGRP.
56.Whatarerouterinterfaces?Whattypescantheybe?
Routerscanhavemanydifferenttypesofconnectors;fromEthernet,FastEthernet,andTokenRingtoSerialandISDNports.Someoftheavailableconfigurableitemsarelogicaladdresses(IP,IPX),mediatypes,bandwidth,andadministrativecommands.Interfacesareconfiguredininterfacemodewhichyougettofromglobalconfigurationmodeafterloggingin.ThemediatypeisEthernet,FastEthernet,GigabitEthernet,Serial,Tokenring,orothermediatypes.Youmustkeepinmindthata10MbEthernetinterfaceistheonlykindofEthernetinterfacecalledEthernet.A100MbEthernetinterfaceiscalledaFastEthernetinterfaceanda1000MbEthernetinterfaceiscalledaGigabitEthernetinterface.
57.InWindows2003routing,whataretheinterfacefilters?
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
20/25
58.WhatisNAT?
WindowsServer2003providesnetworkaddresstranslation(NAT)functionalityasapartoftheRoutingandRemoteAccessservice.NATenablescomputersonsmalltomediumsizedorganizationswithprivatenetworkstoaccessresourcesontheInternetorotherpublicnetwork.ThecomputersonaprivatenetworkareconfiguredwithreusableprivateInternetProtocolversion4(IPv4)addresses;thecomputersonapublicnetworkareconfiguredwithgloballyuniqueIPv4(or,rarelyatpresent,InternetProtocolversion6[IPv6])addresses.Atypicaldeploymentisasmallofficeorhomeoffice(SOHO),oramediumsizedbusinesss,thatusesRoutingandRemoteAccessNATtechnologytoenablecomputersontheinternalcorporatenetworktoconnecttoresourcesontheInternetwithouthavingtodeployaproxyserver.
59.WhatistherealdifferencebetweenNATandPAT?
TakeNAT(NetworkAddressTranslation)andPAT(PortAddressTranslation).NATallowsyoutotranslateormaponeIPaddressontoanothersingleipaddress.PATontheotherhandiswhatismostcommonlyreferredtoasNAT.InaPATsystemyouhaveasingleorgroupofpublicIPaddressesthataretranslatedtomultipleinternalipaddressesbymappingtheTCP/UDPportstodifferentports.Thismeansthatbyusingsomemagiconarouterorserveryoucangetaroundproblemsthatyoumighthavewithtwowebbrowserssendingarequestoutthesameport.
60.HowdoyouconfigureNATonWindows2003?
http://www.windowsnetworking.com/articles_tutorials/NAT_Windows_2003_Setup_Configuration.html
ConfigureRoutingandRemoteAccessToactivateRoutingandRemoteAccess,followthesesteps:
1.ClickStart,pointtoAllPrograms,pointtoAdministrativeTools,andthenclickRoutingandRemoteAccess.2.Rightclickyourserver,andthenclickConfigureandEnableRoutingandRemoteAccess.3.IntheRoutingandRemoteAccessSetupWizard,clickNext,clickNetworkaddresstranslation(NAT),andthenclickNext.4.ClickUsethispublicinterfacetoconnecttotheInternet,andthenclickthenetworkadapterthatisconnectedtotheInternet.Atthisstageyouhavetheoptiontoreducetheriskofunauthorizedaccesstoyournetwork.Todoso,clicktoselecttheEnablesecurityontheselectedinterfacebysettingupBasicFirewallcheckbox.5.ExaminetheselectedoptionsintheSummarybox,andthenclickFinish.
ConfiguredynamicIPaddressassignmentforprivatenetworkclientsYoucanconfigureyourNetworkAddressTranslationcomputertoactasaDynamicHostConfigurationProtocol(DHCP)serverforcomputersonyourinternalnetwork.Todoso,followthesesteps:
1.ClickStart,pointtoAllPrograms,pointtoAdministrativeTools,andthenclickRoutingandRemoteAccess.2.Expandyourservernode,andthenexpandIPRouting.3.RightclickNAT/BasicFirewall,andthenclickProperties.
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
21/25
4.IntheNAT/BasicFirewallPropertiesdialogbox,clicktheAddressAssignmenttab.5.ClicktoselecttheAutomaticallyassignIPaddressesbyusingtheDHCPallocatorcheckbox.Noticethatdefaultprivatenetwork192.168.0.0withthesubnetmaskof255.255.0.0isautomaticallyaddedintheIPaddressandtheMaskboxes.Youcankeepthedefaultvalues,oryoucanmodifythesevaluestosuityournetwork.6.IfyourinternalnetworkrequiresstaticIPassignmentforsomecomputerssuchasfordomaincontrollersorforDNSserversexcludethoseIPaddressesfromtheDHCPpool.Todothis,followthesesteps:1.ClickExclude.2.IntheExcludeReservedAddressesdialogbox,clickAdd,typetheIPaddress,andthenclickOK.3.Repeatstepbforalladdressesthatyouwanttoexclude.4.ClickOK.
ConfigurenameresolutionToconfigurenameresolution,followthesesteps:
1.ClickStart,pointtoAllPrograms,pointtoAdministrativeTools,andthenclickRoutingandRemoteAccess.2.RightclickNAT/BasicFirewall,andthenclickProperties.3.IntheNAT/BasicFirewallPropertiesdialogbox,clicktheNameResolutiontab.4.ClicktoselecttheClientsusingDomainNameSystem(DNS)checkbox.IfyouuseademanddialinterfacetoconnecttoanexternalDNSserver,clicktoselecttheConnecttothepublicnetworkwhenanameneedstoberesolvedcheckbox,andthenclicktheappropriatedialupinterfaceinthelist.
61.HowdoyouallowinboundtrafficforspecifichostsonWindows2003NAT?
YoucanusetheWindowsServer2003implementationofIPSectocompensateforthelimitedprotectionsprovidedbyapplicationsfornetworktraffic,orasanetworklayerfoundationofadefenseindepthstrategy.DonotuseIPSecasareplacementforotheruserandapplicationsecuritycontrols,becauseitcannotprotectagainstattacksfromwithinestablishedandtrustedcommunicationpaths.YourauthenticationstrategymustbewelldefinedandimplementedforthepotentialsecurityprovidedbyIPSectoberealized,becauseauthenticationverifiestheidentityandtrustofthecomputerattheotherendoftheconnection.
62.WhatisVPN?WhattypesofVPNdoesWindows2000andbeyondworkwithnatively?
VPNgivesextremelysecureconnectionsbetweenprivatenetworkslinkedthroughtheInternet.Itallowsremotecomputerstoactasthoughtheywereonthesamesecure,localnetwork.
L2TP(layer2tunnelingprotocol)
vpnserverisalsoknowasL2TPserverinnativemode&inPPTPinmixedmode
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
22/25
63.WhatisIAS?Inwhatscenariosdoweuseit?
IASiscalledasInternetAuthenticationService.ItsusedbyforconfiguringcentralisedauthenticationusingRADIUSserver.
64.WhatsthedifferencebetweenMixedmodeandNativemodeinADwhendealingwithRRAS?
WhenyouareinMixedmodecertainoptionsinthedialintaboftheuserproeprtiesaredisabled.AndsomeoftheRRASpoliciesarealsodisabled.SoifyouwanthighlevelsecuritywithalltheadvancedfeaturethenchangetheADtoNativemode.
65.WhatistheRASandIASgroupinAD?
Usedformanagingsecurityandallowingadministrationfortherespectiverolesoftheserver.
66.WhatareConditionsandProfileinRRASPolicies?
Theconditionsandprofilesareusedtosetsomerestrictionsbasedonthemediatype,connectionmethod,groupmembershipandlotmore.Soifusedmatchesthoseconditionsmentionedintheprofilethenhecanallowed/deniedaccesstoRAS/VPNserver.
67.WhattypesorauthenticationcanaWindows2003basedRRASworkwith?
ItsupportsauthenticationmethodslikeMSCHAPv2,MSCHAP,SPAP,EAP,Digestauthentication.(YoucancheckitbygoingtopropertiesofyourserverinRRAS)
68.HowdoesSSLwork?
Internetcommunicationtypicallyrunsthroughmultipleprogramlayersonaserverbeforegettingtotherequesteddatasuchasawebpageorcgiscripts.
Theouterlayeristhefirsttobehitbytherequest.ThisisthehighlevelprotocolssuchasHTTP(webserver),IMAP(mailserver),andFTP(filetransfer).
Determiningwhichouterlayerprotocolwillhandletherequestdependsonthetypeofrequestmadebytheclient.ThishighlevelprotocolthenprocessestherequestthroughtheSecureSocketsLayer.IftherequestisforanonsecureconnectionitpassesthroughtotheTCP/IPlayerandtheserverapplicationordata.
Iftheclientrequestedasecureconnectionthessllayerinitiatesahandshaketobeginthesecurecommunicationprocess.DependingontheSSLsetupontheserver,itmayrequirethatasecureconnectionbemadebeforeallowingcommunicationtopassthroughtotheTCP/IPlayerinwhichcaseanonsecurerequestwillsendbackanerroraskingforthemtoretrysecurely(orsimplydenythenonsecureconnection).
69.HowdoesIPSecwork?
IPSecisanInternetEngineeringTaskForce(IETF)standardsuiteofprotocolsthatprovidesdataauthentication,integrity,andconfidentialityasdataistransferredbetweencommunicationpointsacrossIPnetworks.IPSecprovidesdatasecurityattheIPpacketlevel.Apacketisadatabundlethatisorganizedfortransmissionacrossanetwork,anditincludesaheaderandpayload(thedatainthe
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
23/25
packet).IPSecemergedasaviablenetworksecuritystandardbecauseenterpriseswantedtoensurethatdatacouldbesecurelytransmittedovertheInternet.IPSecprotectsagainstpossiblesecurityexposuresbyprotectingdatawhileintransit.
70.HowdoIdeployIPSecforalargenumberofcomputers?
JustusethisprogramServerandDomainIsolationUsingIPsecandGroupPolicy
71.WhattypesofauthenticationcanIPSecuse?
DeployingL2TP/IPSecbasedRemoteAccess
DeployingL2TPbasedremoteaccessVPNconnectionsusingWindowsServer2003consistsofthefollowing:
*Deploycertificateinfrastructure
*DeployInternetinfrastructure
*DeployAAAinfrastructure
*DeployVPNservers
*Deployintranetinfrastructure
*DeployVPNclients
*Implantarcertificadoinfraestrutura*ImplantarinfraestruturaInternet*ImplantarinfraestruturaAAA*ImplementarVPNservidores*Implantarintranetinfraestrutura*ImplementarclientesVPN
72.WhatisPFS(PerfectForwardSecrecy)inIPSec?
Inanauthenticatedkeyagreementprotocolthatusespublickeycryptography,perfectforwardsecrecy(orPFS)isthepropertythatensuresthatasessionkeyderivedfromasetoflongtermpublicandprivatekeyswillnotbecompromisedifoneofthe(longterm)privatekeysiscompromisedinthefuture.Forwardsecrecyhasbeenusedasasynonymforperfectforwardsecrecy[1],sincethetermperfecthasbeencontroversialinthiscontext.However,atleastonereference[2]distinguishesperfectforwardsecrecyfromforwardsecrecywiththeadditionalpropertythatanagreedkeywillnotbecompromisedevenifagreedkeysderivedfromthesamelongtermkeyingmaterialinasubsequentrunarecompromised.
73.HowdoImonitorIPSec?
TotesttheIPSecpolicies,useIPSecMonitor.IPSecMonitor(Ipsecmon.exe)providesinformationaboutwhichIPSecpolicyisactiveandwhetherasecurechannelbetweencomputersisestablished.
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
24/25
74.LookingatIPSecencryptedtrafficwithasniffer.WhatpackettypesdoIsee?
Youcanseethepackagestopass,butyoucannotseeitscontents
IPSecPacketTypesIPSecpackettypesincludetheauthenticationheader(AH)fordataintegrityandtheencapsulatingsecuritypayload(ESP)fordataconfidentialityandintegrity.Theauthenticationheader(AH)protocolcreatesanenvelopethatprovidesintegrity,dataoriginidentificationandprotectionagainstreplayattacks.Itauthenticateseverypacketasadefenseagainstsessionstealingattacks.AlthoughtheIPheaderitselfisoutsidetheAHheader,AHalsoprovideslimitedverificationofitbynotallowingchangestotheIPheaderafterpacketcreation(notethatthisusuallyprecludestheuseofAHinNATenvironments,whichmodifypacketheadersatthepointofNAT).AHpacketsuseIPprotocol51.Theencapsulatingsecuritypayload(ESP)protocolprovidesthefeaturesofAH(exceptforIPheaderauthentication),plusencryption.ItcanalsobeusedinanullencryptionmodethatprovidestheAHprotectionagainstreplayattacksandothersuchattacks,withoutencryptionorIPheaderauthentication.ThiscanallowforachievingsomeofthebenefitsofIPSecinaNATenvironmentthatwouldnotordinarilyworkwellwithIPSec.ESPpacketsuseIPprotocol50.
75.WhatcanyoudowithNETSH?
Netshisacommandlinescriptingutilitythatallowsyouto,eitherlocallyorremotely,display,modifyorscriptthenetworkconfigurationofacomputerthatiscurrentlyrunning.
76.HowdoIlookattheopenportsonmymachine?
Windows:Openacommandprompt(Startbutton>Run>typecmd),andtype:netstata
Linux:OpenanSSHsessionandtype:netstatan
Comments(8)
8Comments
1.
SyyedSahaballahTalaAppkiIlimmedindugnitaraqqiatafarmayayehnoteshumlogokeliyebahutmadadgarhaiAllahaapapnepiyaNabikesadkeaapkejayeztammanpurikareauraapkoharbalaaurtufansesalamtrakhe
CommentbyMohammedshamimJuly27,2011@4:11PM
ReplyJazakAllah!
CommentbyPinochio/zaibJuly28,2011@7:43AM
Reply2.
SyyedSahaballahTalaAppkiilimmedindugnitaraqqiatafarmayayehnoteshumlogokeliyebahut
madadgarhaiAllahaapapnepiyareNabikesadkeaapkejayeztammanpurikareauraapkoharbalaaurtufansesalamtrakhe
About these ads
-
6/8/2015
TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB/[email protected]|SyedJahanzaibPersonn
https://aacable.wordpress.com/2010/02/17/technicalinterviewquestionspart13networkingeditedmaintainedbysyedjahanzaibaacablehotmailcom/
25/25
CommentbyMohammedshamimJuly27,2011@4:13PM
Reply3. Assalam,
Awesomework.!!Veryusefulinformation
IamunabletofindalinkforTechnicalInterviewQuestions(Part3/3)couldyoupleasehelpmewiththatlink!
Thanksalotforsahringveryusefulinformation!
Regards,Mohasin
CommentbyMohasinMarch13,2012@10:50PM
Reply4. metounabletofind3/3link
CommentbymohankumarvMay23,2012@3:10PM
Reply5.
[]TechnicalInterviewQuestions(Part1/3)[Networking]Edited&MaintainedbySYEDJAHANZAIB
/aFiledunder:GeneralITRelatedSyedJahanzaib/Pinochio~:)@6:33AM[]
PingbackbyGeneralNetworkEngineerInterviewQuestionsGeneralKnowledgeQuestionsYogesh(Yogi)June6,2012@1:32AM
Reply6.
Salam;CanIhavesomeGroupPolicyQuestionslikeActiveDirectory.Shukran.ShoaibLat
CommentbyShoaibLatApril12,2014@6:35AM
Reply7.
ThanksforurbriefanswerSendtelecominterviewqandalinkinmymailid
CommentbymageshJune21,2014@12:29PM
Reply
RSS(ReallySimpleSyndication)feedforcommentsonthispost.TrackBackURI(UniformResourceIdentifier)
TheSilveristheNewBlackTheme.BlogatWordPress.com.
Follow
FollowSyedJahanzaibPersonnelBlogtoShareKnowledge!
BuildawebsitewithWordPress.com