FIREWALL

What is a Firewall?

A firewall is a piece of software or hardware that helps screen out hackers, viruses, and worms that try to reach your computer over the Internet. If you are a home user or small-business user, using a firewall is the most effective and important first step you can take to help protect your computer.

Different Types of Firewalls

Different firewalls use different techniques. Most firewalls use two or more of the following techniques:

Packet Filters:

A packet filter looks at each packet that enters or leaves the network and accepts or rejects the packet based on user-defined rules. Packet filtering is fairly effective and transparent, but it is difficult to configure. In addition, it is susceptible to IP spoofing.

Application Gateway:

An application gateway applies security mechanisms to specific programs, such as FTP and Telnet. This technique is very effective, but it can cause performance degradation.

Circuit-layer Gateway:

This technique applies security mechanisms when a Transmission Control Protocol (TCP) or User Datagram Protocol (UDP) connection is established. After the connection has been established, packets can flow between the hosts without any further checking.

Proxy Server:

A proxy server intercepts all messages that enter and leave the network. The proxy server effectively hides the true network addresses.

Application Proxies:

Application proxies have access to the whole range of information in the network stack. This permits the proxies to make decisions based on basic authorization (the source, the destination and the protocol) and also to filter offensive or disallowed commands in the data stream. Application proxies are "stateful," meaning they keep the "state" of connections inherently. The Internet Connection Firewall feature that is included in Windows XP is a "stateful" firewall, as well as, the Windows Firewall. The Windows Firewall is included with Windows XP Service Pack 2 (SP2).

What does a firewall do?

A firewall examines all traffic routed between the two networks to see if it meets certain criteria. If it does, it is routed between the networks, otherwise it is stopped. A firewall filters both inbound and outbound traffic. It can also manage public access to private networked resources such as host applications. It can be used to log all attempts to enter the private network and trigger alarms when hostile or unauthorized entry is attempted. Firewalls can filter packets based on their source and destination addresses and port numbers. This is known as address filtering. Firewalls can also filter specific types of network traffic. This is also known as protocol filtering because the decision to forward or reject traffic is dependant upon the protocol used, for example HTTP, ftp or telnet. Firewalls can also filter traffic by packet attribute or state.

What can't a firewall do?

A firewall cannot prevent individual users with modems from dialling into or out of the network, bypassing the firewall altogether. Employee misconduct or carelessness cannot be controlled by firewalls. Policies involving the use and misuse of passwords and user accounts must be strictly enforced. These are management issues that should be raised during the planning of any security policy but that cannot be solved with firewalls alone.

The arrest of the Phonemasters cracker ring brought these security issues to light. Although they were accused of breaking into information systems run by AT&T Corp., British Telecommunications Inc., GTE Corp., MCI WorldCom, Southwestern Bell, and Sprint Corp, the group did not use any high tech methods such as IP spoofing (see question 10). They used a combination of social engineering and dumpster diving. Social engineering involves skills not unlike those of a confidence trickster. People are tricked into revealing sensitive information. Dumpster diving or garbology, as the name suggests, is just plain old looking through company trash. Firewalls cannot be effective against either of these techniques.

Who needs a firewall?

Anyone who is responsible for a private network that is connected to a public network needs firewall protection. Furthermore, anyone who connects so much as a single computer to the Internet via modem should have personal firewall software. Many dial-up Internet users believe that anonymity will protect them. They feel that no malicious intruder would be motivated to break into their computer. Dial up users who have been victims of malicious attacks and who have lost entire days of work, perhaps having to reinstall their operating system, know that this is not true. Irresponsible pranksters can use automated robots to scan random IP addresses and attack whenever the opportunity presents itself.

How does a firewall work?

There are two access denial methodologies used by firewalls. A firewall may allow all traffic through unless it meets certain criteria, or it may deny all traffic unless it meets certain criteria. The type of criteria used to determine whether traffic should be allowed through varies from one type of firewall to another. Firewalls may be concerned with the type of traffic, or with source or destination addresses and ports. They may also use complex rule bases that analyse the application data to determine if the traffic should be allowed through. How a firewall determines what traffic to let through depends on which network layer it operates at. A discussion on network layers and architecture follows.

Desktop Firewall

Any software installed on an operating system to protect a single computer, like the one included with Windows XP, is called a desktop or personal firewall. This type of firewall is designed to protect a single desktop computer. This is a great protection mechanism if the network firewall is compromised.

Software Firewall

This type of firewall is a software package installed on a server operating system which turns the server into a full fledged firewall. Many people do not consider this the most secure type of firewall as you have the inherit security issues of the underlying operating system. This type of firewall is often used as an application firewall. This means the firewall is optimized to protect applications such as web application and email servers. Software firewalls have complex filters to inspect the content of the network traffic to insure that type of traffic is properly formatted. This type of firewall is usually (but not always) behind hardware firewalls (explanation to follow).

Hardware Firewall

A hardware firewall is a dedicated hardware device with a proprietary operating system or a stripped down operating system core. These firewalls include network routers with additional firewall capabilities. These firewalls are designed to handle large amounts of network traffic. Hardware firewalls are often placed on the perimeter of the network to filter the internet noise and only allow pre-determined traffic into the network. Sometimes hardware firewalls are used in conjunction with software firewalls so the hardware firewall filters out the traffic and the software firewall inspects the network traffic. When hardware firewalls are bombarded with bogus network traffic they drop the unwanted traffic only letting in the right traffic. This not only protects the software firewall but allows the software firewall only has to inspect proper network traffic thus the combination optimizes the network throughput.

Network-Level Firewalls

The first generation of firewalls (c. 1988) worked at the network level by inspecting packet headers and filtering traffic based on the IP address of the source and the destination, the port and the service. Some of these primeval security applications could also filter packets based on protocols, the domain name of the source and a few other attributes.

Network-level firewalls are fast, and today you'll find them built into most network appliances, particularly routers. These firewalls, however, don't support sophisticated rule-based models. They don’t understand languages like HTML and XML, and they are capable of decoding SSL-encrypted packets to examine their content. As a result, they can’t validate user inputs or detect maliciously modified parameters in an URL request. This leaves your network vulnerable to a number of serious threats.

Circuit-Level Firewalls

These applications, which represent the second-generation of firewall technology, monitor TCP handshaking between packets to make sure a session is legitimate. Traffic is filtered based on specified session rules and may be restricted to recognized computers only. Circuit-level firewalls hide the network itself from the outside, which is useful for denying access to intruders. But they don't filter individual packets.

Application-Level Firewalls

Recently, application-level firewalls (sometimes called proxies) have been looking more deeply into the application data going through their filters. By considering the context of client requests and application responses, these firewalls attempt to enforce correct application behavior, block malicious activity and help organizations ensure the safety of sensitive information and systems. They can log user activity too. Application-level filtering may include protection against spam and viruses as well, and be able to block undesirable Web sites based on content rather than just their IP address.

If that sounds too good to be true, it is. The downside to deep packet inspection is that the more closely a firewall examines network data flow, the longer it takes, and the heavier hit your network performance will sustain. This is why the highest-end security appliances include lots of RAM to speed packet processing. And of course you'll pay for the added chips.

Stateful Multi-level Firewalls

SML vendors claim that their products deploy the best features of the other three firewall types. They filter packets at the network level and they recognize and process application-level data, but since they don't employ proxies, they deliver reasonably good performance in spite of the deep packet analysis. On the downside, they are not cheap, and they can be difficult to configure and administer.

Trouble Shooting server problems

Loss of connectivity:
Check all cable connections.
Check media state for all wired and wireless network interfaces.
Check network connectivity by pinging another computer on the network.
Check internetwork connectivity by pinging a com
Check IP address and default gateway settings.
Check DNS and WINS
Check proxy settings.
Check security policies and authentication settings.
Check whether the server’s TCP/IP settings are correct

Physical layer problems:
Is the server running?
Are necessary peripherals attached and running properly?
Are network cables properly connected?
Are NICs connectivity/power lights on?
Is recently added hardware compatible with operating system?
Are correct drivers installed on server?
Are New Devices causing internel BIOS conflicts on server?

Name resolution problems:
Can you ping another system by both name and IP address?
Check DNS settings.
Check WINS settings.
Check HOSTS and LMHOSTS files.
Ensure that there are no obsolete host file entries.

Application Problems:
Does the application interact with networking?
Are all installed applications compatible with the configured network settings?
Check the event log for application errors.
Check the application log (Start Programs Admin.Tools Event Viewer) for application errors.

Print server problems:
Is the printing device working and are all connections secure?
Make sure the correct printer drivers are installed.
Check the print spooler service to ensure that it is running.
Check to see that there is plenty of disk space on the server for spooling.
Check the permissions set on the printer.
If your network is an Active Directory Domain,Check group policy settings for printers.

E-Mail server problems:
Ensure that the Mail Exchange (MX) resource records in your DNS entries are correct.
Ensure that the mail server has plenty of disk space for user mailboxes.
If you want your mail server to receive mail from other mail servers,ensure that your mail server is configured to enable relay.

Terminal Services problems:
In an Active Directory domain,check Group policy and individual users account properties if users are unable to connect to the terminal server or are unexpectedly disconnected.
Ensure that Terminal Services and/or Remote Desktop are configured correctly.
Ensure that you have set up a Terminal services license server and that you have sufficient licenses.

Dial-up/remote access server problems:
Ensure that remote access service are installed and configured on your server.
Make sure the service is started.
Ensure that your dial-in, PPTP, and/or L2TP ports are enabled to accept inbound remote access calls.
Ensure that the remote access server is configured to allow connections on the protocol(s) that are being used by the remote clients.

What else could the problem be?
Check your server's security settings,as well as any site- ordomine-wide security policies that may be preventing connectivity.
Check client licenses and licensing settings.
Check the routers and the client computers to ensure that the real problem doesn't lie elsewhere.

Windows Server Questions

1.What are the Features of windows2003?
ACTIVE DIRECTORY

Easier Deployment and Management
ADMT version 2.0—migrates password from NT4 to 2000 to 20003 or from 2000 to 2003
Domain Rename--- supports changing Domain Name System and/or NetBios name
Schema Redefine--- Allows deactivation of attributes and class definitions in the Active directory schema
AD/AM--- Active directory in application mode is a new capability of AD that addresses certain deployment scenarios related to directory enabled applications
Group Policy Improvements----introduced GPMC tool to manage group policy
UI—Enhanced User Interface

Grater Security
Cross-forest Authentication
Cross-forest Authorization
Cross-certification Enhancements
IAS and Cross-forest authentication
Credential Manager
Software Restriction Policies

Improved Performance and Dependability
Easier logon for remote offices
Group Membership replication enhancements
Application Directory Partitions
Install Replica from media
Dependability Improvements--- updated Inter-Site Topology Generator (ISTG) that scales better by supporting forests with a greater number of sites than Windows 2000.

FILE AND PRINT SERVICES
Volume shadow copy service
NTFS journaling file system
EFS
Improved CHDSK Performance
Enhanced DFS and FRS
Shadow copy of shared folders
Enhanced folder redirection
Remote document sharing (WEBDAV)

IIS
Fault-tolerant process architecture----- The IIS 6.0 fault-tolerant process architecture isolates Web sites and applications into self-contained units called application pools
Health Monitoring---- IIS 6.0 periodically checks the status of an application pool with automatic restart on failure of the Web sites and applications within that application pool, increasing application availability. IIS 6.0 protects the server, and other applications, by automatically disabling Web sites and applications that fail too often within a short amount of time
Automatic Process Recycling--- IIS 6.0 automatically stops and restarts faulty Web sites and applications based on a flexible set of criteria, including CPU utilization and memory consumption, while queuing requests
Rapid-fail Protection---- If an application fails too often within a short amount of time, IIS 6.0 will automatically disable it and return a "503 Service Unavailable" error message to any new or queued requests to the application
Edit-While-Running


2.What are the Difference between NT & 2000?
NT SAM database is a flat database. Where as in windows 2000 active directory database is a hierarchical database.
In windows NT only PDC is having writable copy of SAM database but the BDC is only read only database. In case of Windows 2000 both DC and ADC is having write copy of the database
Windows NT will not support FAT32 file system. Windows 2000 supports FAT32
Default authentication protocol in NT is NTLM (NT LAN manager). In windows 2000 default authentication protocol is Kerberos V5.
Windows 2000 depends and Integrated with DNS. NT user Netbios names
Active Directory can be backed up easily with System state data

3.What Difference between 2000 & 2003?
Application Server mode is introduced in windows 2003
Possible to configure stub zones in windows 2003 DNS
Volume shadow copy services is introduced
Windows 2003 gives an option to replicate DNS data b/w all DNS servers in forest or All DNS servers in the domain.
Refer Question 1 for all Enhancements

4.What Difference between PDC & BDC?
PDC contains a write copy of SAM database where as BDC contains read only copy of SAM database. It is not possible to reset a password or create objects with out PDC in Windows NT.

5.What are Difference between DC & ADC?
There is no difference between in DC and ADC both contains write copy of AD. Both can also handles FSMO roles (If transfers from DC to ADC). It is just for identification. Functionality wise there is no difference.

6.What is DNS & WINS
DNS is a Domain Naming System, which resolves Host names to IP addresses. It uses fully qualified domain names. DNS is a Internet standard used to resolve host names
WINS is a Windows Internet Name Service, which resolves Netbios names to IP Address. This is proprietary for Windows

7.How may Types of DNS Servers
Primary DNS
Secondary DNS
Active Directory Integrated DNS
Forwarder
Caching only DNS

8.If DHCP is not available what happens to the client ?
Client will not get IP and it cannot be participated in network . If client already got the IP and having lease duration it use the IP till the lease duration expires.

9.what are the different types of trust relationships ?
Implicit Trusts
Explicit Trusts—NT to Win2k or Forest to Forest

10.what is the process of DHCP for getting the IP address to the client ?
There is a four way negotiation process b/w client and server
DHCP Discover (Initiated by client)
DHCP Offer (Initiated by server)
DHCP Select (Initiated by client)
DHCP Acknowledgment (Initiated by Server)
DHCP Negative Acknowledgment (Initiated by server if any issues after DHCP offer)

11.Difference between FAT,NTFS & NTFSVersion5 ?
NTFS Version 5 features
Encryption is possible
We can enable Disk Quotas
File compression is possible
Sparse files
Indexing Service
NTFS change journal
In FAT file system we can apply only share level security. File level protection is not possible. In NTFS we can apply both share level as well as file level security
NTFS supports large partition sizes than FAT file systems
NTFS supports long file names than FAT file systems

12.What are the port numbers for FTP, Telnet, HTTP, DNS ?
FTP-21, Telnet – 23, HTTP-80, DNS-53, Kerberos-88, LDAP-389

13.what are the different types of profiles in 2000 ?
Local Profiles
Roaming profiles
Mandatory Profiles

14.what is the database files used for Active Directory ? ?
The key AD database files—edb.log, ntds.dit, res1.log, res2.log, and edb.chk—all of which reside in \%systemroot%\ntds on a domain controller (DC) by default. During AD installation, Dcpromo lets you specify alternative locations for these log files and database files
NTDS.DIT

15.What is the location of AD Database ?
%System root%/NTDS/NTDS>DIT

16.What is the authentication protocol used in NT ?
NTLM (NT LAN Manager)

17.What is subnetting and supernetting ?
Subnetting is the process of borrowing bits from the host portion of an address to provide bits for identifying additional sub-networks
Supernetting merges several smaller blocks of IP addresses (networks) that are continuous into one larger block of addresses. Borrowing network bits to combine several smaller networks into one larger network does supernetting

18.what is the use of terminal services ?
Terminal services can be used as Remote Administration mode to administer remotely as well as Application Server Mode to run the application in one server and users can login to that server to user that application.

19.what is the protocol used for terminal services ?
RDP

20.what is the port number for RDP ?
3389

Windows Server2000 Administration Questions

1.Explain hidden shares.

Hidden or administrative shares are share names with a dollar sign ($) appended to their names. Administrative shares are usually created automatically for the root of each drive letter. They do not display in the network browse list.

2.How do the permissions work in Windows 2000?

What permissions does folder inherit from the parent?

When you combine NTFS permissions based on users and their group memberships, the least restrictive permissions take precedence. However, explicit Deny entries always override Allow entries.

3.Why can’t I encrypt a compressed file on Windows 2000?

You can either compress it or encrypt it, but not both.

4.If I rename an account, what must I do to make sure the renamed account has the same permissions as the original one?

Nothing, it’s all maintained automatically.

5.What’s the most powerful group on a Windows system?

Administrators.

6.What are the accessibility features in Windows 2000?

Sticky Keys, Filter Keys Narrator, Magnifier, and On-Screen Keyboard.

7.Why can’t I get to the Fax Service Management console?

You can only see it if a fax had been installed.

8.What do I need to ensure before deploying an application via a Group Policy?

Make sure it’s either an MSI file, or contains a ZAP file for Group Policy.

9.How do you configure mandatory profiles?

Rename ntuser.dat to ntuser.man

10.How to get multiple displays to work in Windows 2000?

Multiple displays have to use peripheral connection interface (PCI) or Accelerated Graphics Port (AGP) port devices to work properly with Windows 2000.

11.What’s a maximum number of processors Win2k supports?

2

12.I had some NTFS volumes under my Windows NT installation. What happened to NTFS after Win 2k installation?

It got upgraded to NTFS 5.

13.How do you convert a drive from FAT/FAT32 to NTFS from the command line?

convert c: /fs:ntfs

14. Explain APIPA.

Auto Private IP Addressing (APIPA) takes effect on Windows 2000 Professional computers if no DHCP server can be contacted. APIPA assigns the computer an IP address within the range of 169.254.0.0 through 169.254.255.254 with a subnet mask of 255.255.0.0.

15.How does Internet Connection Sharing work on Windows 2000?

Internet Connection Sharing (ICS) uses the DHCP Allocator service to assign dynamic IP addresses to clients on the LAN within the range of 192.168.0.2 through 192.168.0.254. In addition, the DNS Proxy service becomes enabled when you implement ICS.

16What is Active Directory schema?

The Active Directory schema contains formal definitions of every object class that can be created in an Active Directory forest it also contains formal definitions of every attribute that can exist in an Active Directory object.

Active Directory stores and retrieves information from a wide variety of applications and services.

16.What is Global Catalog Server?

A global catalog server is a domain controller it is a master searchable database that contains information about every object in every domain in a forest. The global catalog contains a complete replica of all objects in Active Directory for its host domain, and contains a partial replica of all objects in Active Directory for every other domain in the forest. It have two important functions:

•Provides group membership information during logon and authentication

•Helps users locate resources in Active Directory

17.What is the ntds.tit file default size?

40 MB

18.Describe how the DHCP lease is obtained.

It’s a four-step process consisting of

(a) IP request

(b) IP offer

(C) IP selection

(d) acknowledgement.

19. We’ve installed a new Windows-based DHCP server, however, the users do not seem to be getting DHCP leases off of it.

The server must be authorized first with the Active Directory.

20.How can you force the client to give up the dhcp lease if you have access to the client PC?

ipconfig /release

21. What authentication options do Windows 2000 Servers have for remote clients?

PAP, SPAP, CHAP, MS-CHAP and EAP.

22. What are the networking protocol options for the Windows clients if for some reason you do not want to use TCP/IP?

NWLink (Novell), NetBEUI, AppleTalk (Apple).

23. What is data link layer in the OSI reference model responsible for?

Data link layer is located above the physical layer, but below the network layer. Taking raw data bits and packaging them into frames. The network layer will be responsible for addressing the frames, while the physical layer is reponsible for retrieving and sending raw data bits.

24.What is binding order?

The order by which the network protocols are used for client-server communications. The most frequently used protocols should be at the top.

25.How do cryptography-based keys ensure the validity of data transferred across the network?

Each IP packet is assigned a checksum, so if the checksums do not match on both receiving and transmitting ends, the data was modified or corrupted.

26.Should we deploy IPSEC-based security or certificate-based security?

They are really two different technologies. IPSec secures the TCP/IP communication and protects the integrity of the packets. Certificate-based security ensures the validity of authenticated clients and servers.

27.What is LMHOSTS file?

It’s a file stored on a host machine that is used to resolve NetBIOS to specific IP addresses.

28.What’s the difference between forward lookup and reverse lookup in DNS?

Forward lookup is name-to-address, the reverse lookup is address-to-name.

29.How can you recover a file encrypted using EFS?

Use the domain recovery agent.

Windows Server 2003 Interview Questions

1. How do you double-boot a Win 2003 server box?
The Boot.ini file is set as read-only, system, and hidden to prevent unwanted editing. To change the Boot.ini timeout and default settings, use the System option in Control Panel from the Advanced tab and select Startup

2.What do you do if earlier application doesn’t run on Windows Server 2003?
When an application that ran on an earlier legacy version of Windows cannot be loaded during the setup function or if it later malfunctions, you must run the compatibility mode function. This is accomplished by right-clicking the application or setup program and selecting Properties –> Compatibility –> selecting the previously supported operating system.

3.If you uninstall Windows Server 2003, which operating systems can you revert to?
Win ME, Win 98, 2000, XP. Note, however, that you cannot upgrade from ME and 98 to Windows Server 2003

4.How do you get to Internet Firewall settings?
Start –> Control Panel –> Network and Internet Connections –> Network Connections

5.What is Active Directory?
Active Directory is a network-based object store and service that locates and manages resources, and makes these resources available to authorized users and groups. An underlying principle of the Active Directory is that everything is considered an object—people, servers, workstations, printers, documents, and devices. Each object has certain attributes and its own security access control list (ACL).

6.Where are the Windows NT Primary Domain Controller (PDC) and its Backup Domain Controller (BDC) in Server 2003?
The Active Directory replaces them. Now all domain controllers share a multimaster peer-to-peer read and write relationship that hosts copies of the Active Directory.

7.How long does it take for security changes to be replicated among the domain controllers?
Security-related modifications are replicated within a site immediately. These changes include account and individual user lockout policies, changes to password policies, changes to computer account passwords, and modifications to the Local Security Authority (LSA).

8.What’s new in Windows Server 2003 regarding the DNS management?
When DC promotion occurs with an existing forest, the Active Directory Installation Wizard contacts an existing DC to update the directory and replicate from the DC the required portions of the directory. If the wizard fails to locate a DC, it performs debugging and reports what caused the failure and how to fix the problem. In order to be located on a network, every DC must register in DNS DC locator DNS records. The Active Directory Installation Wizard verifies a proper configuration of the DNS infrastructure. All DNS configuration debugging and reporting activity is done with the Active Directory Installation Wizard.

9.When should you create a forest?
Organizations that operate on radically different bases may require separate trees with distinct namespaces. Unique trade or brand names often give rise to separate DNS identities. Organizations merge or are acquired and naming continuity is desired. Organizations form partnerships and joint ventures. While access to common resources is desired, a separately defined tree can enforce more direct administrative and security restrictions.

10.How can you authenticate between forests?
Four types of authentication are used across forests:
(1) Kerberos and NTLM network logon for remote access to a server in another forest
(2) Kerberos and NTLM interactive logon for physical logon outside the user’s home forest
(3) Kerberos delegation to N-tier application in another forest
(4) user principal name (UPN) credentials.

11.What snap-in administrative tools are available for Active Directory?
Active Directory Domains and Trusts Manager, Active Directory Sites and Services Manager, Active Directory Users and Group Manager, Active Directory Replication (optional, available from the Resource Kit), Active Directory Schema Manager (optional, available from adminpack)

12.What types of classes exist in Windows Server 2003 Active Directory?
Structural class. The structural class is important to the system administrator in that it is the only type from which new Active Directory objects are created. Structural classes are developed from either the modification of an existing structural type or the use of one or more abstract classes.
Abstract class. Abstract classes are so named because they take the form of templates that actually create other templates (abstracts) and structural and auxiliary classes. Think of abstract classes as frameworks for the defining objects.
Auxiliary class. The auxiliary class is a list of attributes. Rather than apply numerous attributes when creating a structural class, it provides a streamlined alternative by applying a combination of attributes with a single include action.
88 class. The 88 class includes object classes defined prior to 1993, when the 1988 X.500 specification was adopted. This type does not use the structural, abstract, and auxiliary definitions, nor is it in common use for the development of objects in Windows Server 2003 environments.

13.How do you delete a lingering object?
Windows Server 2003 provides a command called Repadmin that provides the ability to delete lingering objects in the Active Directory.

14.What is Global Catalog?
The Global Catalog authenticates network user logons and fields inquiries about objects across a forest or tree. Every domain has at least one GC that is hosted on a domain controller. In Windows 2000, there was typically one GC on every site in order to prevent user logon failures across the network.

15.How is user account security established in Windows Server 2003?
When an account is created, it is given a unique access number known as a security identifier (SID). Every group to which the user belongs has an associated SID. The user and related group SIDs together form the user account’s security token, which determines access levels to objects throughout the system and network. SIDs from the security token are mapped to the access control list (ACL) of any object the user attempts to access.

16.If I delete a user and then create a new account with the same username and password, would the SID and permissions stay the same?
No. If you delete a user account and attempt to recreate it with the same user name and password, the SID will be different.

17.What do you do with secure sign-ons in an organization with many roaming users?
Credential Management feature of Windows Server 2003 provides a consistent single sign-on experience for users. This can be useful for roaming users who move between computer systems. The Credential Management feature provides a secure store of user credentials that includes passwords and X.509 certificates.

18.Anything special you should do when adding a user that has a Mac?
"Save password as encrypted clear text" must be selected on User Properties Account Tab Options, since the Macs only store their passwords that way.

19.What remote access options does Windows Server 2003 support?
Dial-in, VPN, dial-in with callback.

20.Where are the documents and settings for the roaming profile stored?
All the documents and environmental settings for the roaming user are stored locally on the system, and, when the user logs off, all changes to the locally stored profile are copied to the shared server folder. Therefore, the first time a roaming user logs on to a new system the logon process may take some time, depending on how large his profile folder is.

21.Where are the settings for all the users stored on a given machine?
C:\Document and Settings\All Users

22.What languages can you use for log-on scripts?
JavaScript, VBScript, DOS batch files (.com, .bat, or even .exe)

Network Questions - I

1.      What is the difference between TCP and UDP

TCP is a connection oriented protocol, which means that everytime a packet is sent say from host A to B, we will get an acknowledgement. Whereas UDP on the other hand, is a connection less protocol.

Where will it be used : TCP -> Say you have a file transfer and you need to ensure that the file reaches intact, and time is not a factor, in such a case we can use TCP.

UDP-> Media Streaming, question is say you are watching a movie…would you prefer that your movie comes..perfectly….but u need to wait a long time before you see the next frame ?..or would you prefer the movie to keep streaming…Yes…The second option is definely better….This is when we need UDP

2.      What is a MAC address?

MAC is a machines Physical address, The internet is addressed based on a logical addressing approach. Say, when the packet reaches say the bridge connection a LAN, the question is..how does it identify, which computer it needs to send the packet to. For this it uses the concept of ARP, Address Resolution Protocol, which it uses over time to build up a table mapping from the Logical addresses to the Physical addresses. Each computer is identified using its MAC/Physical address ( u can use the ipconfig -all option to get ur MAC address).

3.      What is MTU?

The MTU is the “Maximum Transmission Unit” used by the TCP protocol. TCP stands for Transmission Control Prototcol. The MTU determines the size of packets used by TCP for each transmission of data. Too large of an MTU size may mean retransmissions if the packet encounters a router along its route that can’t handle that large a packet. Too small of an MTU size means relatively more overhead and more acknowledgements that have to be sent and handled. The MTU is rated in “octets” or groups of 8 bits. The so-called “official” internet standard MTU is 576, but the standard rating for ethernet is an MTU of 1500.

4.      Difference Between. Switch , Hub, Router..

Hub: 1.it is a layer1 device..used to connect various machine on Lan.
2.It forwards broadcast by default.
3.It supports one collision domain and one broadcast domain.
4.it works on Bus topology resulting less speed.
Switch: 1. A layer2 device.
2. Forward broadcast first time only.
3. one broadcast domain & collision domains depends on no. of ports.
4.It is based on Star Topology giving 100mbps to every pc on Lan.
Router: 1. Does not Broadcast by default.
2. breaks up Broadcast domain.
3. Also called Layer3 switch.

5.      VPN.....
VPN(Virtual Private Network )… these are basically the logical networks on the physical line… you can have many VPN over same line..
Need of VPN arises when your company need to increase the network but don’t want to buy any more switches.. take an eg. your dept. your room is packed with employees and
ur company need to add 4 more persons to ur deptt. what will they do.. the solution is to create VPN’s…you can configure the switch ports in other deptts. and create a specific VLAN of ur deptt. So that the persons can sit there and access to the required pcs.

 

6.      ARP & RARP.....

      Stands for Address Resolution Protocol…whenever a request is sent by a node on one network to the node on another network the Physical address(MAC) is required and for this the IP address need to be flow over the network..whenever a router with that network (IP) gets the msg. the required MAC address is sent through the network this process of converting the IP address to MAC address is Called ARP..and the reverse thats the convertion of the Mac address to the IP address is called RARP ( Reverse Address Resolution Protocol)

 

7.      What is the difference between layer 2 and layer 3 in the OSI model?

Layer 2 is responsible for switching data whereas Layer 3 is responsible for routing the data.

Layer3: With information gathered from user, Internet protocol make one IP packet with source IP and Destination IP and other relevant information. It can then route packet through router to the destination.

Layer2: Soon after it receives IP packet from layer 3, it encapsulate it with frame header (ATM header in case of ATM technology) and send it out for switching. In case of Ethernet it will send data to MAC address there by it can reach to exact destination. 

WINDOWS Shortcut Keys

General Windows Keystrokes

Get Help – F1

Open the Start Menu – WINDOWS LOGO KEY or CTRL+ESC

Switch between Open Applications – ALT+TAB

Open the Shortcut Menu – APPLICATIONS KEY or SHIFT+F10

Minimize all Applications – WINDOWS LOGO KEY+M

Find a File or Folder from Desktop – F3

Move to First Item on the Taskbar – WINDOWS LOGO KEY+TAB

Open Windows Explorer – WINDOWS LOGO KEY+E

Open Run Dialog – WINDOWS LOGO KEY+R

Application Keystrokes

Exit the Active Application – ALT+F4

     Open the Application Control Menu – ALT+SPACEBAR

      Move to the Menu Bar – ALT

      Move between Menus – ALT, ARROW KEYS

      Choose a Menu Item – ENTER

      Open a child Window Control Menu – ALT+DASH

Cancel or close a Menu – ESC or ALT

Working in Dialog Boxes

Move through Dialog Controls – TAB

Move Backward through Dialog Controls – SHIFT+TAB

Move to Another Page – CTRL+TAB

Reverse Direction through Pages – CTRL+SHIFT+TAB

Select/Deselect in List View – SPACEBAR or CTRL+SPACEBAR

Toggle a Check Box ON/OFF – SPACEBAR

Working with Text

       Move One Character Left – LEFT ARROW

       Move One Character Right – RIGHT ARROW

       Move One Word Left – CTRL+LEFT ARROW

       Move One Word Right – CTRL+RIGHT ARROW

       Move to Beginning of Line – HOME

       Move to End of Line – END

       Move One Paragraph Up – CTRL+UP ARROW

       Move One Paragraph Down – CTRL+DOWN ARROW

       Move to Beginning of Document – CTRL+HOME

       Move to End of Document – CTRL+END

       Scroll Up or Down One Screen – PAGE UP or PAGE DOWN

       Select One Character Left – SHIFT+LEFT ARROW

       Select One Character Right – SHIFT+RIGHT ARROW

       Select One Word Left – CTRL+SHIFT+LEFF ARROW

        Select One Word Right – CTRL+SHIFT+RIGHT ARROW 

       Select to Beginning of Line – SHIFT+HOME

       Select to End of Line – SHIFT+END

       Select to Beginning of Document – CTRL+SHIFT+HOME

         Select to End of Document – CTRL+SHIFT+END

         Select All – CTRL+A

         Undo – CTRL+Z

         Delete Current Character – DELETE

         Delete Prior Character  – BACKSPACE

Working in Windows Explorer

Delete Selected File or Folder  – DELETE

Rename Selected File or Folder – F2

Refresh Window – F5

Switch Between Tree View and List View – F6 or TAB

Go Up One Folder Level – BACKSPACE

Open File or Folder Properties – ALT+ENTER

Untruncate Columns in List View – CTRL+NUM PAD PLUS 

Using the Clipboard

Copy Selected File or Text to Clipboard – CTRL+C

Cut Selected File or Text to Clipboard – CTRL+X

Paste Contents of Clipboard – CTRL+V

Windows System Key Combinations

CTRL+ESC - Open Start menu

ALT+TAB - Switch between open programs

ALT+F4 - Quit program

SHIFT+DELETE - Delete items permanently

Windows Program Key Combinations

CTRL+C - Copy

CTRL+X - Cut

CTRL+V - Paste

CTRL+Z - Undo

CTRL+B - Bold

CTRL+U - Underline

CTRL+I - Italic

Mouse Click/Keyboard Modifier Combinations for Shell Objects

SHIFT+RIGHT CLICK - Displays a context menu containing alternative verbs.

SHIFT+DOUBLE CLICK - Runs the alternate default command (the second item on the menu).

ALT+DOUBLE CLICK - Displays properties.

SHIFT+DELETE - Deletes an item immediately without placing it in the Recycle Bin.

General Keyboard-Only Commands

F1 - Starts Windows Help.

F10 - Activates menu bar options.

SHIFT+F10 - Opens a context menu for the selected item. This is the same as right-clicking anobject.

CTRL+ESC - Opens the Start menu. Use the ARROW keys to select an item.

CTRL+ESC, ESC - Selects the Start button. (Press TAB to select quick launch, the taskbar, system tray)

ALT+DOWN ARROW - Opens a drop-down list box.

ALT+TAB - Switch to another running application. Hold down the ALT key and then press the TAB key to view the task-switching window.

Press down and hold the SHIFT key while you insert a CD-ROM to bypass the auto-run feature.

ALT+SPACE - Displays the main window's System menu. From the System menu, you can restore, move, resize, minimize, maximize, or close the window.

ALT+- (ALT+hyphen) - Displays the Multiple Document Interface (MDI) child window's System menu. From the MDI child window's System menu, you can restore, move, resize, minimize, maximize, or close the child window.

CTRL+TAB - Switch to the next child window of a Multiple Document Interface (MDI) application.

ALT+ - Opens the corresponding menu.

ALT+F4 - Closes the current window.

ALT+DOWN ARROW - Opens a drop-down list box.

CTRL+F4 - Closes the current Multiple Document Interface (MDI) window.

ALT+F6 - Switch between multiple windows in the same program. For example, when the Notepad Find dialog box is displayed, ALT+F6 switches between the Find dialog box and the main Notepad window.

Shell Objects and General Folder/Windows Explorer Shortcuts

F2 - Rename object

F3 - Find: All Files

CTRL+X - Cut

CTRL+C - Copy

CTRL+V - Paste

SHIFT+DEL - Delete selection immediately, without moving the item to the Recycle Bin.

ALT+ENTER - Open the property sheet for the selected object.

To Copy a File - Press down and hold the CTRL key while you drag the file to another folder.

To Create a Shortcut - Press down and hold CTRL+SHIFT while you drag a file to the desktop or a folder.

General Folder/Shortcut Control

F4 - Selects the Go To A Different Folder box and moves down the entries in the box (if the toolbar is active in Windows Explorer).

F5 - Refreshes the current window.

F6 - Moves among panes in Windows Explorer.

CTRL+G - Opens the Go To Folder tool (in Windows 95 Windows Explorer only).

CTRL+Z - Undo the last command.

CTRL+A - Select all the items in the current window.

BACKSPACE - Switch to the parent folder.

SHIFT+CLICK - Close Button For folders, close the current folder plus all parent folders.

Windows Explorer Tree Control

Numeric Keypad * - Expands everything under the current selection.

Numeric Keypad + - Expands the current selection.

Numeric Keypad - - Collapses the current selection.

RIGHT ARROW - Expands the current selection if it is not expanded, otherwise goes to the first child.

LEFT ARROW - Collapses the current selection if it is expanded, otherwise goes to the parent.

Property Sheet Control

CTRL+TAB/CTRL+SHIFT+TAB - Move through the property tabs.

Accessibility Shortcuts

Tap SHIFT 5 times - Toggles StickyKeys on and off.

Press down and hold the right SHIFT key for 8 seconds - Toggles FilterKeys on and off.

Press down and hold the NUM LOCK key for 5 seconds - Toggles ToggleKeys on and off.

Left ALT+left SHIFT+NUM LOCK - Toggles MouseKeys on and off.

Left ALT+left SHIFT+PRINT SCREEN - Toggles High Contrast on and off.

Microsoft Natural Keyboard Keys

WINDOWS - Start Menu

WINDOWS+R - Run dialog box

WINDOWS+M - Minimize All

SHIFT+WINDOWS+M - Undo Minimize All

WINDOWS+F1 - Help

WINDOWS+E - Windows Explorer

WINDOWS+F - Find Files or Folders

WINDOWS+D - Minimizes all open windows and displays the desktop

CTRL+WINDOWS+F - Find Computer

CTRL+WINDOWS+TAB - Moves focus from Start, to Quick Launch bar, to System Tray. Use RIGHT ARROW or LEFT ARROW to move focus to items on Quick Launch bar and System Tray

WINDOWS+TAB - Cycle through taskbar buttons

WINDOWS+BREAK - System Properties dialog box

Application key - Displays a context menu for the selected item

Microsoft Natural Keyboard with IntelliType Software Installed

WINDOWS+L - Log off Windows

WINDOWS+P - Opens Print Manager

WINDOWS+C - Opens Control Panel

WINDOWS+V - Opens Clipboard

WINDOWS+K - Opens Keyboard Properties dialog box

WINDOWS+I - Opens Mouse Properties dialog box

WINDOWS+A - Opens Accessibility Options(if installed)

WINDOWS+SPACEBAR - Displays the list of IntelliType Hotkeys

WINDOWS+S - Toggles the CAP LOCK key on and off

Dialog Box Keyboard Commands

TAB - Move to the next control in the dialog box.

SHIFT+TAB - Move to the previous control in the dialog box.

SPACEBAR - If the current control is a button, this clicks the button. If the current control is a check box, this toggles the check box. If the current control is an option button, this selects the option button.

ENTER - Equivalent to clicking the selected button (the button with the outline).

ESC - Equivalent to clicking the Cancel button.

ALT+ - Select menu item.