Windows Administrator L1 & L2 System Admin Interview Questions !


L2 System Admin Interview Questions

Windows Administrator L1 & L2 System Admin Interview Questions !

1. What is the Difference Between DNS & WINS Servers?

Domain Name System (DNS) :
1. It resolves Hostnames to IP addresses and vice versa
2. It supports Hierarchical Structure for host names
3. Host name up to 64 Characters (FQDN is up to 255 characters)
4. It works with Windows and Unix
5. DNS works with only TCP/IP protocol
6. DNS is static in NT 4.0 and Dynamic in 2000 onwards

Windows Internet Name Service (WINS) :
1. It resolves NetBIOS names to IP addresses and vice versa
2. It supports Flat structure for NetBIOS names
3. Host name is up to 15 characters (16th character indicates service)
4. Works with only Windows
5. Works with only TCP/IP Protocol
6. It supports the Dynamic updation of the database
2. What is the Difference Between Disk Duplexing & Disk Mirroring?
Disk Mirroring :Disk mirroring uses only one disk controller. In RAID1, or disk mirroring, one drive in the array acts as a “mirror” drive, backing up all the data on the primary drive on-the-fly.
Disk Duplexing : It uses additional disk controller. Duplexing adds another disk controller. So in case one controller fails, the other can pick up without any interruption in service.
• Mirroring Data is copied from on-disk controller (channel) to two disk drivers. If one drive fails, the other is still operational.
• Duplexing Data is duplicated over two disk channels and stored on two drives. This method extends fault tolerance to the controller.
• Server duplexing This method provides fault tolerance by duplicating the entire file server. If one server fails, the other provides continuous service to users. For example, Novell’s System Fault Tolerance provides server duplexing.
• Replication A strategy of duplicating critical files and directories from a server at one location to a server at another location to make that information more accessible to users at the remote location and also to provide redundancy and backup. See “Redundancy” and “Replication.”
• Clustering A cluster is a group of servers that share access to the same resources and service clients equally. Should one of the servers go down, the others take up the processing load. Clustered servers may access the same disk systems, which may be mirrored or in a RAID configuration. See “Clustering.”
• Mirror site A mirror site is a duplicate data center, located at another site, that contains duplicate systems and data. The duplicate data center should go into operation as the primary site if the master data center site fails for any reason. Companies running mission-critical applications will often create mirrored sites. See “Data Center Design.”

3. How many types of Backups are available?

Backups are 5 Types:
1. Normal or Full
2. Daily
3. Copy
4. Incremental
5. Differential
4. What is the Difference Between Differential Backup & Incremental Backup?

Incremental Backup resets the Archieve bits

Differential Backup doesn’t reset the Archieve bits

5. Tell about the DHCP functionality?

• DHCP client sends special broadcast packet to DHCP Discover Message
• Nearest DHCP server responds by sending DHCP offer message
• DHCP client sends a DHCP request message
• DHCP ACK message broadcasts by DHCP server
• DHCP client configures its TCP/IP stack by using address it accepted from the server.

6. Difference between Hub & Switch?
• Hub is a Layer 1 (L1) Device
• It works on shared Bandwidth
• It have One Broadcast domain & One collision domain
• It sends the packets to every active port in the HUB, so traffic is more.
• Useful in small network Environment

• It is a Layer 2 (L2) Device.
• It have one Broadcast domain.
• It have many collision domains (Every port have its own collision domain)
• It sends the packets to only to the destination IP by learning the Destination IP. So traffic is less compared to Hub.
• Useful in Medium & Large networks.
7. We have 3 Hard disks with capacity of 2GB, 5GB and 4GB. If I implemented RAID 5, How much space available for User ?

RAID5 takes the minimum disk space as basic so it takes 2GB from every disk so 6GB is total disk available. In that 2GB is for Parity. So totally 4GB is available for User.

8. What is the Booting process of Windows 2000?

1. NTLDR runs and then calls NTDETECT.COM, it checks the computers hardware attributes (Type of vedio, hard disk, ports, memory and so on)
2.Based on the results of the search, NTDETECT compiles a list of hardware. This information is placed in the Registry under the appropriate hardware keys.
3.NTLDR reads an ASCII text file BOOT.INI to determine which other OS are on the hard disk. (This file created during setup, is located in the root directory of the boot partition.
4.After the countdown period ends, the default OS in loaded
5.NT starts the booting process by loading the low level drivers and services
6. The GUI and higher drivers load, and NT logon security screen appears.

9. What is the Role of NTDETECT file?

• NTDETECT.COM checks the computers hardware attributes (Type of vedio, hard disk, ports, memory and so on)

10. Which options are available in Windows Security Logon window?

• Lock Computer,
• Logoff,
• Shutdown,
• Change Password,
• Task Manager,
• Cancel

11. What is hosts and lmhosts files explain?

• Hosts file used for DNS to resolve Hostnames to IP Address and Vice Versa
• LMHOSTS file is used for WINS to resolve NetBIOS names to IP Address and Vice Versa

12. What “h mode” indicates in WINS?

In DHCP 4 Modes are available to resolve NetBIOS names to IP Address.
1. B-Node (Broadcast) :
2. P-Node (Peer-to-Peer):
3. M-Node (Mixed):
4. H-Node (Hybrid):

13. User locked the system and forget password. If we reset the password can the user able to logon immediately?

• It is not possible in NT 4. Even if u change the password, user should restart the system. It is possible in 2003 server. There is no need to restart the PC

14. Basic difference between between PDC and BDC?

Primary Domain Controller (PDC):
1. A single member computer of an NT Domain that is running Windows NT server.
2. This maintains the SAM database for the Domains (R/W SAM Database)
3. It Authenticates the logon users.
4. It updates the SAM database in BDC

Backup Domain Controller (BDC):
1. A member computer of an NT Domain that shares the load of user security
2. This machine has to run windows NT server and maintains a copy of SAM database.
3. The SAM database in BDC is Read only. It gets updated from PDC.
3. Whenever PDC is down, We can promote the BDC as a PDC.

SAM: A protected sub system that operates and maintains the security accounts manager database

Security Accounts Manager (SAM) Database: the database that contains the user accounts, Passwords, and other settings for each user

15. Can we create users in BDC?

• Yes. We can create the users in BDC, Whenever users are created in BDC immediately the changes are updated in PDC

16. What is EIGRP and IGRP?

Interior Gateway Routing Protocol (IGRP):
• Cisco Proprietary protocol.
• Distance Vector protocol
• Metric is Bandwidth of Delay
• Administrative distance 100
• Classful Routing protocol
• Periodic Routing protocol (sends entire routing table to the neighbour router for every 90 secs)
• Does not supporting Subnetting
• Minimum HOP count 100 ( can go upto 255)
• Slow convergence
• Used for medium sized networks
• Uses AS numbers (1-65535)

Enhanced Interior Gateway Routing Protocol (EIGRP):
• Cisco’s proprietary protocol
• Advance distance vector protocol
• Hybrid protocols (distance vector + link state)
• Metric is 5 Factors (Bandwidth, Delay, Reliability, Load Maximum, Transmission Unit)
• Works on basis of AS numbers
• AD Value 90 internal, 170 external
• It supports triggered update (whenever change in topology that particular information will sent)
• Supports subnetting
• Classless routing protocol
• It supports multiple network layer protocol
• It uses DUAL (Diffusion Update Algorithm) to select the best path
• Route is represented by D symbol
• It keeps 3 routing tables (Topology table, Neighbour table, Routing table)
• Auto summarization by default, but manual summarization is also possible.

17. What is RIP explain?

Routing Information Protocol (RIP):
• It is a standard protocol
• Distance Vector protocol
• Metric is HOP count
• Administrative distance 120
• RIP Ver 1.0 does not supports subnetting, It is a Classfull routing protocol
• Periodic routing updates (sends entire routing table for every 30 secs)
• Does not supports subnetting
• Uses broadcast address to send the updates
• Maximum HOP count is 15
• Slow convergence
• Used for small inter networks
• RIP V 2.0 suports subnetting, It is a classless routing protocol, It sends updates through multicast address

18. What is difference between Router and Switch?

• It is a Layer 3 (L3) device
• It breaks broadcast + collision domains
• It forwards the packets to other networks

• It is a Layer 2 (L2) device
• By default all the ports are in one broadcast domain
• It breaks the Collision domain (Every port have its own collision domain)
• It does not have WAN ports
• Only used in LAN environment
19. What is difference between L2 & L3 Switch?

• L2 switch is used only for Switching
• L2 switch have one broadcast domain and breaks the Collision domain
• Static & Dynamic VLAN’s possible, but inter VLAN communication not possible

• L3 switch is used for switching & routing purpose
• L3 switch breaks the Broadcast domain & Collision domain
• Static & Dynamic VLAN;s possible, Inter VLAN communication possible (Router)
• L3 switch can be used in LAN environment for fast throughput
20. What shows “net use”?

• NET USE displays the present connected Mapped drives in the system

21. How can u map a folder by using Command Prompt?

• NET USE Z: \\ap-ftpsrv\drivers

22. What is ADS and what are the Functions of ADS?

• ADS is a Directory service which stores all the information in a central location.
• It provides the network accessibility to users, applications and administrators.
• In ADS everything is stored as an Object. It contains Class Objects and Attribute Objects
• All identical objects comes under one class ex. All users comes under User class
• Attributes are the properties of the Object ex. For user – full name, logon name etc

Simplifies Management:
 Eliminates redundant management tasks. Provides a single-point of management for Windows user accounts, clients, servers, and applications as well as the ability to synchronize with existing directories.
 Reduces trips to the desktop. Automatically distributes software to users based on their role in the company, reducing or eliminating multiple trips that system administrators need to make for software installation and configuration.
 Better maximizes IT resources. Securely delegates administrative functions to all levels of an organization.
 Lowers total cost of ownership (TCO). Simplifies the management and use of file and print services by making network resources easier to find, configure, and use.

Strengthens Security:
 It improves password security and management. By providing single sign-on to network resources with integrated, high-powered security services that are transparent to end users.
 It ensures desktop functionality. By locking-down desktop configurations and preventing access to specific client machine operations, such as software installation or registry editing, based on the role of the end user.
 It speeds e-business deployment. By providing built-in support for secure Internet-standard protocols and authentication mechanisms such as Kerberos, public key infrastructure (PKI) and lightweight directory access protocol (LDAP) over secure sockets layer (SSL).
 It tightly controls security. By setting access control privileges on directory objects and the individual data elements that make them up.

Extends Interoperability:
 Takes advantage of existing investments and ensures flexibility. Standards-based interfaces to all features make use of investments and ensure flexibility for future applications and infrastructure.
 Consolidates management of multiple application directories. Using open interfaces, connectors, and synchronization mechanisms, organizations can consolidate directories including Novell’s NDS, LDAP, ERP, e-mail, and other mission-critical applications.
 Allows organizations to deploy directory-enabled networking. Network devices from leading vendors such as Cisco and 3COM can use the directory to let administrators assign quality of service and allocate network bandwidth to users based on their role in the company.
 Allows organizations to develop and deploy directory-enabled applications. Using the fully extensible directory architecture, developers can build applications that deliver functionality tailored to the needs of the end user.

23. What are the 4 Partitions of the ADS, explain?

Naming Contexts and Directory Partitions:
Each domain controller in an Active Directory forest includes directory partitions. Directory partitions are also known as naming contexts. A directory partition is a contiguous portion of the overall directory that has independent replication scope and scheduling data. By default, the Active Directory for an enterprise contains the following partitions:
• Schema Partition: Schema holds information on the definition of objects within the network. The schema partition contains the classSchema and attributeSchema objects that define the types of objects that can exist in the Active Directory forest. Every domain controller in the forest has a replica of the same schema partition.
Defines rules for object creation and modification for all objects in the forest. Replicated to all domain controllers in the forest. Replicated to all domain controllers in the forest, it is known as an enterprise partition.
• Configuration Partition: Configuration partition holds information relating to the forest structure. The configuration partition contains replication topology and other configuration data that must be replicated throughout the forest. Every domain controller in the forest has a replica of the same configuration partition.
Information about the forest directory structure is defined including trees, domains, domain trust relationships, and sites (TCP/IP subnet group). Replicated to all domain controllers in the forest, it is known as an enterprise partition.
• Domain Partition: The domain partition contains the directory objects, such as users and computers, associated with the local domain. A domain can have multiple domain controllers and a forest can have multiple domains. Each domain controller stores a full replica of the domain partition for its local domain, but does not store replicas of the domain partitions for other domains.
Has complete information about all domain objects (Objects that are part of the domain including OUs, groups, users and others). Replicated only to domain controllers in the same domain.

• Application Directory Partitions: The application directory partition provides the capability of hosting dynamic data in Active Directory, thus allowing ADSI/LDAP access to it, without significantly impacting network performance. Dynamic data typically changes more frequently than the replication latency involved in propagating the change to all replicas of the data. In Windows 2000, the support for dynamic data is limited. Storing dynamic data in a domain partition can be complicated. The data is replicated to all domain controllers in the domain, which is often unnecessary and can result in inconsistent data due to replication latency. This can adversely impact network performance.
24. What are the requirements to install ADS?

• An NTFS partition with enough free space (1 GB)
• An Administrator’s username and password
• The correct operating system version
• Properly configured TCP/IP (IP address, subnet mask and – optional – default gateway)
• A network connection (to a hub or to another computer via a crossover cable)
• An operational DNS server (which can be installed on the DC itself)
• A Domain name that you want to use
• The Windows 2000 or Windows Server 2003 CD media (or at least the i386 folder)

4. Which protocol is used behind the ADS?

Light Weight Directory Access Protocol (LDAP) is used
25. What is the difference between LDAP and DAP?

Lightweight Directory Access Protocol:
LDAP is a communication protocol designed for use on TCP/IP networks. LDAP defines how a directory client can access a directory server and how the client can perform directory operations and share directory data. LDAP standards are established by working groups of the Internet Engineering Task Force (IETF). Active Directory implements the LDAP attribute draft specifications and the IETF standards for LDAP versions 2 and 3.
As its name implies, LDAP is designed as an efficient method for accessing directory services without the complexity of other directory service protocols. Because LDAP defines what operations can be performed to query and modify information in a directory and how information in a directory can be securely accessed, you can use LDAP to find or enumerate directory objects and to query or administer Active Directory.
26. What is Schema and Global Catalog Server explain?
Schema: The Schema is a Blue Print of Active Directory. It contains rules for object instantiation (representation) the schema governs the structure and content of Active Directory with structure and content rules. Because everything in Active Directory is stored in objects, the schema is implemented as a number of objects. There is one object for each class in the schema (classSchema objects) and one for each attribute (attributeSchema objects). However, there are no objects for the syntaxes; they are hard-coded into Active Directory. This means that classes and attributes can be created and modified, but syntaxes cannot.
Global Catalog: The Global catalog is the central repository of information about objects in a tree or forest, as shown in Figure (D) By default, a global catalog is created automatically on the initial domain controller in the forest, known as the global catalog server. It stores a full replica of all object attributes in the directory for its host domain and a partial replica for all object attributes contained in the directory of every domain in the forest. The partial replica stores attributes most frequently used in search operations (such as a user’s first and last names, logon name, and so on). Object attributes replicated to the global catalog inherit the same permissions as in source domains, ensuring that data in the global catalog is secure.
The global catalog performs two key directory roles:
• It enables network logon by providing universal group membership information to a domain controller when a logon process is initiated.
• It enables finding directory information regardless of which domain in the forest actually contains the data.
27. If the Laptop is not displaying when u boot it, what is solution?

• Check for the Power Loose connections
• Remove Laptop battery and put it again and connect the power cable
• Wait for 2 minutes and Start the Laptop.

28. If the system performance is slow, how can u speed it?

• Remove Temp Files & Quarantine Files
• Execute the Disk Defragmentation tool
• Check for Viruses and scanned the system
• Check the services and deletes the unnecessary services.
• Check the Virtual Memory settings

29. How u r upgraded Anti Virus from Corporate Edition 9 to 10?

• For client upgradations, by using Symantec System Center Console.
• We push the anti virus into Client.
• Requirements – IE 5.5 or above and 100MB space

30. What is the difference between DNS & WINS?

Domain Name System (DNS) :
1. It resolves Hostnames to IP addresses and vice versa
2. It supports Hierarchical Structure for host names
3. Host name up to 64 Characters (FQDN is up to 255 characters)
4. It works with Windows and Unix
5. DNS works with only TCP/IP protocol
6. DNS is static in NT 4.0 and Dynamic in 2000 onwards

Windows Internet Name Service (WINS) :
1. It resolves NetBIOS names to IP addresses and vice versa
2. It supports Flat structure for NetBIOS names
3. Host name is up to 15 characters (16th character indicates service)
4. Works with only Windows
5. Works with only TCP/IP Protocol
5. It supports the Dynamic updation of the database

31. If u r connected to the Internet which is used DNS or WINS?

• DNS is used. Because it is having the Hierarchical structure.

32. If u install DNS at the time of promoting the Workstation as DC. Is it creates any more records?

• Yes, If u install DNS at the time of DCPROMO. The DNS contains the active directory integrated zones. It wont have the Text zone files. It stores the zone information in the Active Directory database (NTDS.NIT) file.

33. What is the use of DHCP Server explain the process?

• DHCP client sends special broadcast packet to DHCP Discover Message
• Nearest DHCP server responds by sending DHCP offer message
• DHCP client sends a DHCP request message
• DHCP ACK message broadcasts by DHCP server
• DHCP client configures its TCP/IP stack by using address it accepted from the server.

34. If 2 DHCP servers are available, from which server the client takes IP?

• The client machine typically repeats the discover message several times to make sure it hears from all the servers, then eventually chooses the “best” server, where what is “best” is up to the client. It may mean that the addresses the DHCP server has available offer the longest lease time. Or the client might prefer a server that provides WINS servers over one that doesn’t

35. What are the FSMO Roles (Master Operations) and explain?
Windows 2000 Single-Master Model:
To prevent conflicting updates in Windows 2000, the Active Directory performs updates to certain objects in a single-master fashion. In a single-master model, only one DC in the entire directory is allowed to process updates. This is similar to the role given to a primary domain controller (PDC) in earlier versions of Windows (such as Microsoft Windows NT 3.51 and 4.0), in which the PDC is responsible for processing all updates in a given domain.

The Windows 2000 Active Directory extends the single-master model found in earlier versions of Windows to include multiple roles, and the ability to transfer roles to any domain controller (DC) in the enterprise. Because an Active Directory role is not bound to a single DC, it is referred to as a Flexible Single Master Operation (FSMO) role. Currently in Windows 2000 there are five FSMO roles:

Schema Master:
• This DC is the only one that can process updates to the directory schema
• It controls all originating updates to the schema
• It contains master list of object classes and attributes that are used to create all active directory objects such as users, computers and printers.
• The schema updates are replicated to all Domain Controllers in the Forest.
• Only schema admins group can make modifications to the schema

Domain Naming Master:
• It controls the addition or Removal of domains in the Forest
• It is responsible to ensuring that the domain names are UNIQUE.
• It manages the naming of sites to ensure that a duplicate sites are not created.
• It must also be running as a Global Catalog Server for querying objects in AD.

PDC Emulator:
• It acts as a PDC to supports NT BDC’s and pre windows 2000 based client computers
• Updates password changes from pre windows 2000 based client computers
• Minimizes replication latency for password changes for 2000 based client computers
• Manages the Time synchronization
• Preventing the possibilities of overwriting GPO’s

Relative Identifier (RID) Master:
• It allocates blocks of RIDs to each domain controller in the Domain
• Prevents Object duplication if objects move from one Domain Controller to other.
• Object SID = Domain SID + RID
• It is UNIQUE for each object in AD.
• We can’t create the objects if the RID Master Fails.

Infrastructure Master:
• It is responsible to updating group membership data for groups that have members that move between two or more domains
• Updates references to Objects and Group membership from other domains.
• The infrastructure master is responsible for managing group and user references.
36. Where is ADS existed physically?


Files in Active Directory:
1) NTDS.DIT (Directory database file stores all the AD objects in the Domain Controller)
2) EDB*.LOG (Each transaction is recorded in one or more log files. Each file contains 10MB of space)
3) EDB.CHK (Checkpoint file used by AD engine to track the data not yet written to the Active Directory database file)
4) RES1.LOG & RES2.LOG (If all disk space is used. Then AD uses this 20MB space for log files)

37. What is the use of SYSVOL folder?

• The SYSVOL share contains W2K software distribution files, scripts, and ADM templates as well as the Group Policy Template. An NT administrator would consider Sys vol to be W2K’s version of NETLOGON. Replication in W2K is handled by the File Replication Service to keep the SYSVOL share synched between W2K domain controllers. In fact, W2K creates the NETLOGON share for down-level clients, Win9x and Windows NT, under the SYSVOL structure.

38. Where is Group Policy located physically? What is the use of GPO?

• C:/Winnt/SYSVOL/sysvol/

• We can restrict the Users Desktop environments by using Group Policies.
• We can create GPOs to Sites, Domains and OUs.
• All the GPOs applied based on the Computer / User
• The precedence order for processing GPO’s are LSDOU.
• By using GPOs We can deploy the applications to Clients
39. How can u deploy the applications or patches in clients?

• By using Windows Server Update Services (WSUS 2.0) (for small Organizations)


• System Management Server (SMS) 2003 (for Medium/Big Organizations)

40. How can the client OS updates automatically with latest security updates?

• If we have the internet. Select Windows Update option
• It will updates SP, Security Patches and IE and others

41. Tell about the GHOST?

• It is a Symantec Disk Cloning Utility
• We can Clone Disk to Disk or Partition to Partition

42. How can you see the performance of CPU and Memory?

• Go to Task Manager and see the Performance tab

43. What is RAID and explain all Levels?

• RAID is for Fault tolerance and Performance
• RAID 0 to RAID 6 & RAID 10 & RAID 01 are available
• RAID 0 for striped set
• RAID 1 for Disk Mirroring
• RAID 5 for Parity