In this blog I provide answers to questions commonly asked about Windows 2008 server in interviews. Have a look.
- What is NOS?
NOS stands for network operating system. Operating systems are of two types: network operating system (NOS) and client operating system (COS). A NOS is used on servers, while a COS is used on clients.
- Name the different editions of Windows 2008 server.
Datacenter, Enterprise, Standard, Web and Itanium-based editions.
- What are the minimum hardware requirements to install Windows 2008 server?
| Component | Requirement |
|---|---|
| Processor | • Minimum: 1 GHz (x86 processor) or 1.4 GHz (x64 processor)<br>• Recommended: 2 GHz or faster<br>Note: An Intel Itanium 2 processor is required for Windows Server 2008 for Itanium-Based Systems. |
| Memory | • Minimum: 512 MB RAM<br>• Recommended: 2 GB RAM or greater<br>• Maximum (32-bit systems): 4 GB (Standard) or 64 GB (Enterprise and Datacenter)<br>• Maximum (64-bit systems): 32 GB (Standard) or 1 TB (Enterprise and Datacenter) or 2 TB (Itanium-Based Systems) |
| Available Disk Space | • Minimum: 10 GB<br>• Recommended: 40 GB or greater<br>Note: Computers with more than 16 GB of RAM will require more disk space for paging, hibernation, and dump files. |
| Display and Peripherals | • Super VGA (800 x 600) or higher-resolution monitor<br>• Microsoft Mouse or compatible pointing device |
- What is server core?
It is a new installation option available in the Datacenter, Enterprise and Standard editions of Windows 2008 server. It doesn’t have graphics and works only on the command line.
- What are advantages of server core?
Server core has minimal graphics and hence uses fewer resources (CPU, memory, hard disk etc.). Since it has fewer roles and features, it has a smaller attack surface and is more secure.
- Can we convert server core to full installation?
No, we can’t change server core to full installation in Windows 2008 server. This option is available in Windows 2012 server.
- Which tool is used to automate any task or application?
- Which Windows Server 2008 tool is used to manage and configure a server’s roles and features?
The Server Manager tool is used to view the roles and features installed on a server. The Server Manager can be used to add and remove roles and features as needed.
- What is DHCP?
The Dynamic Host Configuration Protocol is a network protocol that is used by network devices to configure the IP settings of another device, such as a computer, laptop or tablet. Apart from providing an IP address, it can provide other settings too, such as DNS address, default gateway address, WINS address etc.
The server on which this is configured is called DHCP server.
- What is DORA?
DORA is the process by which a DHCP client acquires an IP address from a DHCP server. DORA is an acronym for discover, offer, request and acknowledgement.
- Explain DHCP lease period.
When an IP is provided by the DHCP server to a client, it is provided for a fixed period known as the lease period. Before this time expires, the client needs to get its lease period renewed. If the client fails to renew the lease period, it will restart the DORA process.
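The DORA exchange and the lease period described above, as an added example that is not part of the original post: it parses DHCP messages, reads the message type (option 53) and lease time (option 51), and checks that four messages form one complete exchange. The MAC, addresses, transaction id and 8-day lease are constructed sample values, and the check assumes the client keeps one transaction id for the whole exchange.

```python
import ipaddress
import struct

HEADER = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")  # fixed 236-byte BOOTP header
COOKIE = b"\x63\x82\x53\x63"                            # marks the start of DHCP options
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}  # option 53 values in DORA

def build(op, xid, msg_type, yiaddr="0.0.0.0", lease=None):
    """Build a minimal DHCP message (constructed sample data, not a capture)."""
    hdr = HEADER.pack(op, 1, 6, 0, xid, 0, 0, bytes(4),
                      ipaddress.IPv4Address(yiaddr).packed, bytes(4), bytes(4),
                      bytes.fromhex("001122334455"), b"", b"")  # struct NUL-pads short fields
    opts = bytes([53, 1, msg_type])
    if lease is not None:
        opts += bytes([51, 4]) + struct.pack("!I", lease)   # option 51: lease in seconds
    return hdr + COOKIE + opts + b"\xff"

def parse(pkt):
    """Return transaction id, message type, offered address and lease time."""
    start = HEADER.size + len(COOKIE)
    if len(pkt) < start or pkt[HEADER.size:start] != COOKIE:
        raise ValueError("not a DHCP message")
    fields = HEADER.unpack_from(pkt)
    msg = {"xid": fields[4], "yiaddr": str(ipaddress.IPv4Address(fields[8])),
           "type": None, "lease": None}
    i = start
    while i < len(pkt) and pkt[i] != 255:               # 255 = end option
        if pkt[i] == 0:                                 # 0 = pad option, no length byte
            i += 1
            continue
        if i + 1 >= len(pkt) or i + 2 + pkt[i + 1] > len(pkt):
            raise ValueError("truncated option")
        code, data = pkt[i], pkt[i + 2:i + 2 + pkt[i + 1]]
        if code == 53 and len(data) == 1:
            msg["type"] = TYPES.get(data[0], "OTHER")
        elif code == 51 and len(data) == 4:
            msg["lease"] = struct.unpack("!I", data)[0]
        i += 2 + len(data)
    return msg

def is_complete_dora(packets):
    """True for Discover, Offer, Request, Ack in order under one transaction id."""
    msgs = [parse(p) for p in packets]
    return ([m["type"] for m in msgs] == ["DISCOVER", "OFFER", "REQUEST", "ACK"]
            and len({m["xid"] for m in msgs}) == 1)

# Constructed exchange: the server offers 192.168.1.50 with an 8-day lease.
SAMPLE = [build(1, 0x3903F326, 1), build(2, 0x3903F326, 2, "192.168.1.50", 691200),
          build(1, 0x3903F326, 3), build(2, 0x3903F326, 5, "192.168.1.50", 691200)]
```

A sequence that stops after the request, or an ACK that never arrives, fails `is_complete_dora`, which corresponds to the client having to start DORA again.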
- What is reservation in DHCP?
Reservation is configured to fix an IP for a particular MAC address. This is used if we need to permanently reserve an IP for any DHCP client.
- Which command do we use for renewing the lease period of any DHCP client?
ipconfig /renew. To release the IP we use ipconfig /release.
- Why do we use exclusion range in DHCP?
If we don’t want to lease a particular set of IPs from the scope, we put them in an exclusion range. It is used mainly to reserve IPs for the servers.
- What is 80-20 rule?
If we have 2 DHCP servers in our network for redundancy, the best practice is to create a scope with 80% of the IPs on one server and the remaining 20% of the IPs on another server. This is called the 80-20 rule.
- What is DHCP relay agent?
The DHCP Relay Agent component relays DHCP messages between DHCP clients and DHCP servers on different IP networks. Because DHCP is a broadcast-based protocol, by default its packets do not pass through routers as routers don’t support broadcasting. A DHCP relay agent receives any DHCP broadcasts on the subnet and forwards them to the specified IP address on a different subnet.
- Explain DNS server.
Domain Name System (DNS) is a name resolution protocol, i.e. it converts names to IPs and IPs to names. The server which has this protocol configured on it is called a DNS server.
- What is DNS zone?
A DNS zone is a portion of a domain name space using the Domain Name System for which administrative responsibility has been delegated. We can have one zone on multiple DNS servers, and a single DNS server can store multiple zones.
- Types of zones are __________________________
Primary, Secondary and Stub zone.
- Why do we need secondary zone?
Secondary zone is used for redundancy and load balancing.
- Which records are present in stub zone?
A, NS and SOA record.
- Which record is used for mail server?
Mail Exchanger (MX) record.
- Which setting is used to find and delete aged records?
Aging and scavenging.
- Explain active directory integrated zone.
DNS servers running on domain controllers can store their zones in Active Directory. The advantage is that DNS won’t need a separate topology for replication and will use AD replication instead, which is fast and secure. This also supports dynamic updates. This type of zone is called an active directory integrated zone.
- Which feature is responsible for load balancing among DNS server?
- What is global naming zone?
Global naming zone is a new feature of DNS server in Windows 2008 which enables DNS to support NetBIOS names.
- What is active directory?
Active directory is a special purpose database which stores objects like computers, users, groups, OUs etc. Active Directory data is hierarchical, replicated, and extensible.
- What is the difference between user authentication and authorization?
When a user logs in to the computer by supplying his username and password, the process is called authentication. Once logged in, he is assigned his permissions and rights. This process of verifying what he is authorized to do is called authorization.
- What is domain?
A domain is a logical boundary made up of a group of clients and servers under the control of a central security database. The computer which controls it is called the domain controller.
- What is active directory schema?
The schema is the Active Directory component that defines all the objects and attributes that the directory service uses to store data. The physical structure of the schema consists of the object definitions.
- What is active directory forest?
An Active Directory forest is the highest level of organization within Active Directory. Each forest shares a single database, a single schema and a security boundary.
- What is active directory tree?
A tree is a collection of domains that share a contiguous namespace. For example, gcs.com and buxar.gcs.com are part of the same tree.
- Which command is used to install active directory domain service?
- Name the AD database file.
- How to create multiple user accounts?
We may use scripts for the purpose. CSVDE, LDIFDE, PowerShell and VBScript are commonly used for the purpose.
- Name different types and scopes of group?
Groups are of two types: security and distribution. Scopes of group are local, domain local, global and domain local.
- Why do we create group?
We create groups for assigning permissions collectively to a number of objects. If any right is assigned to a group, it is passed on to all its members.
- What is OU?
Organizational unit (OU) is an active directory object used for managing security and delegation of administrative authority. We can link GPO to an OU.
- GPO can be linked to _______________________________
GPO can be linked to local computer, site, domain and organizational unit.
- Write down processing order and precedence.
GPO processing order – local computer – site – domain – OU
GPO precedence (priority) – OU – domain – site – local computer
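How the processing order above produces the precedence order, as an added example that is not part of the original post: GPOs are applied local, site, domain, OU, and a value written later replaces an earlier one, so the OU wins. The example goes one step beyond the text by accepting several OU-level GPOs, listed parent OU first; the GPO names and setting names are hypothetical.

```python
ORDER = ["local", "site", "domain", "ou"]   # processing order stated above

def effective_policy(links):
    """Apply GPOs in processing order; return (effective settings, overrides).

    links: list of (level, gpo_name, settings). OU-level entries must be
    listed parent OU first, child OU last (assumption of this example).
    """
    for level, name, _ in links:
        if level not in ORDER:
            raise ValueError(f"unknown level {level!r} for GPO {name!r}")
    # sorted() is stable, so several OU links keep the order they were given in.
    ordered = sorted(links, key=lambda link: ORDER.index(link[0]))
    effective, overrides = {}, []
    for level, name, settings in ordered:
        for key, value in settings.items():
            if key in effective and effective[key][0] != value:
                # A later-processed GPO replaces the earlier value: keep it for audit.
                overrides.append((key, effective[key][1], name))
            effective[key] = (value, name)
    return effective, overrides

# Constructed sample: setting names and GPO names are hypothetical.
SAMPLE_LINKS = [
    ("ou", "Workstations-OU", {"screen_lock_seconds": 300}),
    ("domain", "Domain-Baseline", {"screen_lock_seconds": 900, "usb_storage": "deny"}),
    ("local", "Local-Policy", {"usb_storage": "allow", "wallpaper": "default"}),
    ("ou", "Kiosk-Child-OU", {"usb_storage": "allow"}),
]
```

The `overrides` list is the part worth reviewing: each entry names a setting, the GPO that lost and the GPO that won, which makes an OU-level GPO that relaxes a domain baseline easy to spot.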
- What is the default location of GPC and GPT?
GPC is stored in the AD database and GPT in SYSVOL.
- What is site?
A site is an Active Directory object which is used for replication control and service localization.
- Which algorithm is used for AD replication?
Knowledge consistency checker (KCC).
- What is global catalog server?
Global catalog server (GCS) is the domain controller which stores the partial attribute set (PAS) of every object in the entire forest.
- What is RODC?
RODC stands for read-only domain controller. It is a new type of domain controller introduced in Windows 2008 which is read-only. So we can’t make any modification on it, and changes are replicated to it only from a writable domain controller. An RODC doesn’t store security attributes either.
- Where do we use RODC?
RODC is mostly used in branch offices.
- Write down the different FSMO roles.
There are 5 operation master roles:
Forest wide – Schema and Domain Naming master.
Domain wide – RID, Infrastructure and PDC Emulator.
- What do you mean by functional level?
Domain controllers can run different versions of Windows Server operating systems. The functional level of a domain or forest depends on which minimum versions of Windows Server operating systems are running on the domain controllers in the domain or forest. The functional level of a domain or forest controls which advanced features are available in the domain or forest.
- Why do we seize operation master role?
When an operation master fails and there is no chance of its recovery, we need to seize the operation master role. This should only be done if there is a serious failure and there is no chance of recovery of the operation master.
- What do you mean by transitivity of trust relationship?
Let’s consider an example. If Domain A trusts Domain B and Domain B trusts Domain C, then if this trust relationship is transitive, Domain A will trust Domain C too.
- What is selective authentication in reference to trust relationship?
If a user logs on to a trusting domain, by default he can log in to any computer. If we want to limit this, i.e. we want him to log in only on selected computers, we need to configure selective authentication.
- Which command is used to defragment AD database?
- What is active directory recycle bin?
Windows Server 2008 R2 provides a new feature for restoration of deleted objects. This feature, called Active Directory Recycle Bin, specific just to Windows Server 2008 R2, now enables administrators to restore deleted objects with full functionality and without restoring Active Directory data from backups, restarting AD DS, or rebooting domain controllers.
- What is VPN?
VPN stands for virtual private network. A VPN allows a user to connect to a private network from a public network. It is used to access the company network from another office or the internet.
- Name different VPN tunneling protocols.
VPN tunneling protocols are as below:
PPTP (Point to Point Tunneling Protocol)
L2TP (Layer 2 Tunneling Protocol)
SSTP (Secure Socket Tunneling Protocol)
IKEv2 (Internet Key Exchange version 2).
- What is NAP?
Network Access Protection (NAP) provides components and an application programming interface (API) that help to enforce compliance with an organization’s health-requirement policies for network access or communication. NAP enables us to create solutions for validating computers that connect to our networks. A computer which is compliant with the health requirements of NAP is allowed access to the network, while the access or communication of noncompliant computers is limited.
- Which NAP enforcement method is most and least secure?
IPSec is the most secure NAP enforcement method while DHCP is the least secure.
- What are SHV and SHA?
System Health Validator (SHV) is a NAP server-side component that analyzes the compliance of a client computer. System Health Agent (SHA) is a NAP client-side component which presents the system health state or proof-of-health compliance of the NAP client to the NAP server.
- What is IPSec?
Internet Protocol security (IPSec) is a framework of open standards for protecting communications over IP networks. It provides security by performing data authentication and encryption.
- What is connection security rule?
Connection Security Rule (CSR) is a new feature of Windows 2008 to configure IPSec for communication between computers. CSR works similarly to IPSec and evaluates network traffic depending on the criteria we set, such as allow, block or negotiate security. But CSR doesn’t use filters and filter actions as IPSec does, as these are built into CSR directly. CSR by default provides only data authentication and not encryption; however, we can configure encryption too.
- What is WDS?
Windows Deployment Services is a server role which is used to rapidly and remotely deploy Windows operating systems. It is a newer version of Remote Installation Services (RIS).
- What are the multicasting options available in WDS?
Scheduled cast and auto cast.
- What are the prerequisites for WDS?
Active Directory Domain Services, DNS, DHCP and NTFS partition to store WDS database.
- How many nodes are supported in failover clustering in windows 2008?
- Why do we need quorum configuration in failover clustering?
The failover cluster quorum determines the number of failed nodes or failed storage and network components that the cluster can sustain while continuing to function. Quorum prevents two sets of nodes from operating simultaneously as the failover cluster.
- What are the different quorum configurations present in failover clustering?
Node majority, node and disk majority, node and file share majority and no majority: disk only.
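The four quorum configurations above as vote counting, in an added example that is not part of the original post: it shows which side of a network split may keep running and that no configuration lets two sides run at once. The mode strings and function names are hypothetical, and the model assumes every node has one vote and only one side can reach the witness disk or file share.

```python
WITNESS_MODES = ("node_and_disk_majority", "node_and_file_share_majority")

def has_quorum(mode, total_nodes, nodes_up, holds_witness=False):
    """Decide whether one group of nodes may keep running the cluster."""
    if not 0 <= nodes_up <= total_nodes:
        raise ValueError("nodes_up must be between 0 and total_nodes")
    if mode == "node_majority":
        return nodes_up > total_nodes / 2
    if mode in WITNESS_MODES:                   # the witness adds one vote
        return nodes_up + int(holds_witness) > (total_nodes + 1) / 2
    if mode == "no_majority_disk_only":         # only the disk counts
        return nodes_up >= 1 and holds_witness
    raise ValueError(f"unknown quorum mode {mode!r}")

def survivors(mode, partitions, witness_owner=None):
    """Indexes of the partitions that keep quorum after a network split.

    partitions: node count on each side; witness_owner: index of the one side
    that can reach the witness disk or file share (None if nobody can).
    """
    total = sum(partitions)
    return [i for i, up in enumerate(partitions)
            if has_quorum(mode, total, up, i == witness_owner)]

def tolerated_node_failures(mode, total_nodes):
    """Most nodes that can fail, witness still online, with quorum kept."""
    failed = 0
    while failed < total_nodes and has_quorum(mode, total_nodes,
                                              total_nodes - failed - 1, True):
        failed += 1
    return failed
```

With four nodes split two and two, node majority leaves no survivor, while node and disk majority keeps the side that holds the witness; this is why a witness is added to clusters with an even number of nodes.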
- Why do we need ADRMS?
ADRMS is used to protect digital rights.
- What is Powershell?
Powershell is a new feature of Windows 2008 server which
- What are the new terminal server features of Windows 2008 server?
There are many new features in terminal server 2008, such as terminal server gateway, terminal server session broker etc.
I will soon update with questions from Windows 2012 server and other subjects. Till then, goodbye, and yes, if you are preparing for any interview then “Best of Luck”.