Friday, February 12, 2016

Wintel Admin Top Interview Questions

Top Interview Questions for System Administrators (Microsoft)

Q: What is Active Directory?
A: Active Directory provides a centralised control for network administration and security. Server computers configured with Active Directory are known as domain controllers. Active Directory stores all information and settings for a deployment in a central database, and allows administrators to assign policies and deploy and update software.
Q: What is a Domain?
A: A domain is defined as a logical group of network objects (computers, users, devices) that share the same Active Directory database. A tree can have multiple domains.
Q: What is Domain Controller?
A: A domain controller (DC) or network domain controller is a Windows-based computer system that is used for storing user account data in a central database. It is the centrepiece of the Windows Active Directory service that authenticates users, stores user account information and enforces security policy for a Windows domain.
A domain controller allows system administrators to grant or deny users access to system resources, such as printers, documents, folders, network locations, etc., via a single username and password.
Q: What is Group Policy?
A: Group Policy allows you to implement specific configurations for users and computers. Group Policy settings are contained in Group Policy objects (GPOs), which are linked to the following Active Directory service containers: sites, domains, or organizational units (OUs).
Q: What are GPOs (Group Policy Objects)?
A: A Group Policy Object (GPO) is a collection of settings that control the working environment of user accounts and computer accounts. GPOs define registry-based policies, security options, software installation and maintenance options, script options, and folder redirection options.
There are two kinds of Group Policy objects:
  • Local Group Policy objects are stored on individual computers.
  • Nonlocal Group Policy objects, which are stored on a domain controller, are available only in an Active Directory environment.
Q: What is LDAP?
A: LDAP (Lightweight Directory Access Protocol) determines how an object in an Active Directory should be named. LDAP is the industry standard directory access protocol, making Active Directory widely accessible to management and query applications. Active Directory supports LDAPv2 and LDAPv3.
Q: Where is the AD database stored?
A: The AD database is stored in C:\Windows\NTDS\NTDS.DIT.
Q: What is the SYSVOL folder?
A: The SYSVOL folder stores the server copy of the domain’s public files that must be shared for common access and replication throughout a domain.
All AD databases are stored in a SYSVOL folder and it’s only created in an NTFS partition. The Active Directory database is stored in the %SystemRoot%\NTDS folder.
Q: What is Garbage collection?
A: Garbage collection is the online defragmentation of the Active Directory which happens every 12 hours.
Q: When do we use WDS?
A: Windows Deployment Services is a server role used to deploy Windows operating systems remotely. WDS is mainly used for network-based OS installations to set up new computers.
Q: What is DNS and which port number is used by DNS?
A: The Domain Name System (DNS) is used to resolve human-readable hostnames like www.intenseschool.com into machine-readable IP addresses like 69.143.201.22.
DNS servers use UDP port 53 but DNS queries can also use TCP port 53 if the former is not accepted.
Q: What are main Email Servers and which are their ports?
A: Email servers can be of two types:
Incoming Mail Server (POP3, IMAP, HTTP)
The incoming mail server is the server associated with an email address account. There cannot be more than one incoming mail server for an email account. In order to download your emails, you must have the correct settings configured in your email client program.
Outgoing Mail Server (SMTP)
Most outgoing mail servers use SMTP (Simple Mail Transfer Protocol) for sending emails. The outgoing mail server can belong to your ISP or to the server where you set up your email account.
The main email ports are:
  • POP3 – port 110
  • IMAP – port 143
  • SMTP – port 25
  • HTTP – port 80
  • Secure SMTP (SSMTP) – port 465
  • Secure IMAP (IMAP4-SSL) – port 585
  • IMAP4 over SSL (IMAPS) – port 993
  • Secure POP3 (SSL-POP) – port 995
Q: What do Forests, Trees, and Domains mean?
A: Forests, trees, and domains are the logical divisions in an Active Directory network.
A domain is defined as a logical group of network objects (computers, users, devices) that share the same active directory database.
A tree is a collection of one or more domains and domain trees in a contiguous namespace linked in a transitive trust hierarchy.
At the top of the structure is the forest. A forest is a collection of trees that share a common global catalog, directory schema, logical structure, and directory configuration. The forest represents the security boundary within which users, computers, groups, and other objects are accessible.
Q: Why do we use DHCP?
A: Dynamic Host Configuration Protocol assigns dynamic IP addresses to network devices allowing them to have a different IP address each time they are connected to the network.
Q: What are Lingering Objects?
A: A lingering object is a deleted AD object that still remains on the restored domain controller in its local copy of Active Directory. They can occur when changes are made to directories after system backups are created.
When restoring a backup file, Active Directory generally requires that the backup file be no more than 180 days old. This can happen if, after the backup was made, the object was deleted on another DC more than 180 days ago.
Q: How can we remove Lingering Objects?
A: Windows Server 2003 and 2008 have the ability to manually remove lingering objects using the console utility command REPADMIN.EXE.
Q: Why should you not restore a DC that was backed up 6 months ago?
A: When restoring a backup file, Active Directory generally requires that the backup file be no more than 180 days old. If you attempt to restore a backup that is expired, you may face problems due to lingering objects.
Q: How do you back up AD?
A: Backing up Active Directory is essential to maintain the proper health of the AD database.
Windows Server 2003
You can back up Active Directory by using the NTBACKUP tool that comes built in with Windows Server 2003, or use any third-party tool that supports this feature.
Windows Server 2008
In Server 2008, there isn’t an option to back up the System State data through the normal backup utility. We need to use the command line to back up Active Directory.
1. Open your command prompt by clicking Start, typing “cmd” and then pressing Enter.
2. In your command prompt, type “wbadmin start systemstatebackup -backuptarget:e:” and press Enter.
3. Input “y” and press Enter to start the backup process.
When the backup process has finished you should get a message that the backup completed successfully. If it did not complete properly you will need to troubleshoot.

Windows Server DHCP Interview Questions


1. What is DHCP?
Dynamic Host Configuration Protocol (DHCP) is a network protocol that enables a server to automatically assign an IP address to a computer from a defined range of numbers (i.e., a scope) configured for a given network.

2. What is the DHCP process for a client machine?
1. A user turns on a computer with a DHCP client.
2. The client computer sends a broadcast request (called a DISCOVER or DHCPDISCOVER), looking for a DHCP server to answer.
3. The router directs the DISCOVER packet to the correct DHCP server.
4. The server receives the DISCOVER packet. Based on availability and usage policies set on the server, the server determines an appropriate address (if any) to give to the client. The server then temporarily reserves that address for the client and sends back to the client an OFFER (or DHCPOFFER) packet, with that address information. The server also configures the client’s DNS servers, WINS servers, NTP servers, and sometimes other services as well.
5. The client sends a REQUEST (or DHCPREQUEST) packet, letting the server know that it intends to use the address.
6. The server sends an ACK (or DHCPACK) packet, confirming that the client has been given a lease on the address for a server-specified period of time.

3. What is a DHCP scope?
DHCP scopes are used to define ranges of addresses from which a DHCP server can assign IP addresses to clients.

4. What are the types of scopes in Windows DHCP?
Normal Scope – Allows A, B and C Class IP address ranges to be specified including subnet masks, exclusions and reservations. Each normal scope defined must exist within its own subnet.
Multicast Scope – Used to assign IP address ranges for Class D networks. Multicast scopes do not have subnet masks, reservation or other TCP/IP options.
Multicast scope address ranges require that a Time To Live (TTL) value be specified (essentially the number of routers a packet can pass through on the way to its destination).
Superscope – Essentially a collection of scopes grouped together such that they can be enabled and disabled as a single entity.

5. What is authorizing DHCP servers in Active Directory?
If a DHCP server is to operate within an Active Directory domain (and is not running on a domain controller) it must first be authorized.
This can be achieved either as part of the DHCP Server role installation, or subsequently using either the DHCP console or the netsh tool at the command prompt.
If the DHCP server was not authorized during installation, invoke the DHCP console (Start -> All Programs -> Administrative Tools -> DHCP), right-click on the DHCP server to be authorized and select Authorize. To achieve the same result from the command prompt, enter the following command:
netsh dhcp server serverID initiate auth
In the above command syntax, serverID is replaced by the IP address or full UNC name of the system on which the DHCP server is installed.

6. What ports are used by DHCP and the DHCP clients?
Requests are on UDP port 68, server replies on UDP port 67.

7. List some Benefits of using DHCP 
DHCP provides the following benefits for administering your TCP/IP-based network:
  • Safe and reliable configuration. DHCP avoids configuration errors caused by the need to manually type in values at each computer. Also, DHCP helps prevent address conflicts caused by a previously assigned IP address being reused to configure a new computer on the network.
  • Reduces configuration management. Using DHCP servers can greatly decrease time spent configuring and reconfiguring computers on your network. Servers can be configured to supply a full range of additional configuration values when assigning address leases. These values are assigned using DHCP options. Also, the DHCP lease renewal process helps assure that where client configurations need to be updated often (such as users with mobile or portable computers who change locations frequently), these changes can be made efficiently and automatically by clients communicating directly with DHCP servers.

8. Describe the process of installing a DHCP server in an AD infrastructure.
  • Open Windows Components Wizard.
  • Under Components, scroll to and click Networking Services.
  • Click Details. Under Subcomponents of Networking Services, click Dynamic Host Configuration Protocol (DHCP) and then click OK.
  • Click Next.
  • If prompted, type the full path to the Windows Server 2003 distribution files, and then click Next.
  • Required files are copied to your hard disk.

9. How to authorize a DHCP server in Active Directory?
  • Open DHCP.
  • In the console tree, click DHCP.
  • On the Action menu, click Manage authorized servers.
  • The Manage Authorized Servers dialog box appears. Click Authorize.
  • When prompted, type the name or IP address of the DHCP server to be authorized, and then click OK.

10. What is DHCPINFORM? 
DHCPInform is a DHCP message used by DHCP clients to obtain DHCP options. While PPP remote access clients do not use DHCP to obtain IP addresses for the remote access connection, Windows 2000 and Windows 98 remote access clients use the DHCPInform message to obtain DNS server IP addresses, WINS server IP addresses, and a DNS domain name.

The DHCPInform message is sent after the IPCP negotiation is concluded. The DHCPInform message received by the remote access server is then forwarded to a DHCP server. The remote access server forwards DHCPInform messages only if it has been configured with the DHCP Relay Agent.

Active Directory Interview Question & Answer


1.         What is Active Directory schema?
Answer:  The schema is the Active Directory component that defines all the objects and attributes that the directory service uses to store data.

2.         What is global catalog server?
Answer: The global catalog is the set of all objects in an Active Directory Domain Services (AD DS) forest. A global catalog server is a domain controller that stores a full copy of all objects in the directory for its host domain and a partial, read-only copy of all objects for all other domains in the forest.

3.         Which is the default protocol used in directory services?
Answer: Lightweight Directory Access Protocol (LDAP)

4.         What is IPv6?
Answer: IPv6 is short for "Internet Protocol Version 6". IPv6 is the Internet's next-generation protocol, designed to replace the current Internet Protocol, IP Version 4. IPv4 allows 4.3 billion IP addresses to be connected, whereas IPv6 allows 340 trillion IP addresses to be used.

5.         What is the default domain functional level in Windows Server 2003?
Answer: Mixed mode functional level

6.         What are the physical & logical components of ADS?
Answer: The physical components of Active Directory contain all the physical subnets present in your network, like domain controllers and replication between domain controllers.
      The logical structures of Active Directory include forests, domains, trees, OUs and global catalogs.

7.         What is multimaster replication?
Answer: Multi-master replication is a method of database replication which allows data to be stored by a group of computers, and updated by any member of the group.

8.         What is a site?
Answer:  Sites in Active Directory® represent the physical structure, or topology, of your network. Active Directory uses topology information, stored as site and site link objects in the directory, to build the most efficient replication topology. You use Active Directory Sites and Services to define sites and site links. A site is a set of well-connected subnets. Sites differ from domains; sites represent the physical structure of your network, while domains represent the logical structure of your organization.

9.         Which is the command used to remove active directory from a domain controller?
Answer: Dcpromo /forceremoval

10.       What is trust?
Answer: To allow users in one domain to access resources in another, Active Directory uses trusts.
Trusts inside a forest are automatically created when domains are created. The forest sets the default boundaries of trust, and implicit, transitive trust is automatic for all domains within a forest.

11.       What is the file that’s responsible for keeping the Active Directory database?
Answer:
1. ntds.dit: This is the main database file for Active Directory.
2. edb.log: When a transaction is performed on the AD database, such as writing some data, the data is first stored in this file and afterwards sent to the database. So system performance depends on how this data from the edb.log file is written to ntds.dit.
3. res1.log: Used as reserve space in case the drive runs low on space. It is basically 10MB in size and is created when we run dcpromo.
4. res2.log: Same as res1.log. It is also 10MB in size and the purpose is also the same.
5. edb.chk: This file records the transactions committed to the AD database. During shutdown, a shutdown statement is written to this file. If it is not found when the system is rebooted, the AD database tries to check edb.log for the updated information.

12.       What is the SYSVOL folder?
Answer: All Active Directory database security-related information is stored in the SYSVOL folder, and it is only created on an NTFS partition.

13.       What are application partitions? When do I use them?
Answer: Application directory partitions: These are specific to Windows Server 2003 domains.
An application directory partition is a directory partition that is replicated only to specific domain controllers. A domain controller that participates in the replication of a particular application directory partition hosts a replica of that partition. Only Domain controllers running Windows Server 2003 can host a replica of an application directory partition.

14.       What is the Global Catalog?
The global catalog contains a complete replica of all objects in Active Directory for its Host domain, and contains a partial replica of all objects in Active Directory for every other domain in the forest.

15.       Feature of AD?
Answer: Fully Integrated Security, integration with DNS, Policy Based Administration, Scalable, Flexible, Extensible, inter operability with other directory services.

16.       What is structure of AD?
Logical & Physical

17.       What is the Component of AD?
Logical Structure: Domains, Trees, Forests and OU.
Physical Structure: Sites and Domain Controllers.

18.       What is a Domain?
Domain is collection of computers connected together with a server and users.

19.       What is a Tree?
Tree is a logical component of AD, is a collection of domains which share contiguous.

20.       What is a Forest?
Collection of trees which contain domains

21.       What is a child DC?
CDC is a sub domain controller under root domain controller which share name space.

22.       What is the role of an ADC?
It maintains backup of AD to provide fault tolerance and network load balancing.

23.       What are the tools found after installing a DC?
Active Directory User and Computers,
Active Directory Sites and Services,
Active Directory Domain & Trust,
Domain Controller Security Policy,
Domain Security Policy

24.       What are the different functional levels of 2003?
Domain functional level & Forest functional level

25.       What is a standalone server?
Server which is not a part of domain

26.       What is a Schema?
Schema is design of AD, defines objects and classes, set of rules.

27.       What is an FSMO?
Flexible Single Master Operation

28.       What are the different operation masters of 2003?
Schema Master, Domain Naming Master, PDC Emulator, Infrastructure Master, RID Masters.

29.       What is a Schema Master?
It is responsible for overall management, structure and design of the schema. There is only one schema master in the entire forest.

30.       What is domain naming master?
It is responsible for addition or removal of domains and maintaining unique domain names. There is only one domain naming master in the entire forest.

31.       What is a PDC Emulator?
Is responsible for providing backup compatibility for NT BDCs, in mixed mode it acts like a PDC for BDCs. It updates the password changes, synchronizes time between DCs. Only one PDC Emulator per domain.

32.       What is infrastructure Master?
It is responsible for updating user and group information and updating the Global Catalog. There is only one infrastructure master per domain.

33.       What is RID Master?
Relative identifier is responsible for assigning unique IDs to the objects created in the AD. Only one RID Master per domain.

Thursday, February 11, 2016

daily tasks or day-to-day activities

1) Checking Tickets—End user support issues troubleshooting...and responding to tickets.

2) Server Health Checks / Alerts, VM Monitoring.

3) Performing regularly scheduled tape backups and verifying backups via test restores

4) Testing server and desktop virus protection and updating virus definitions data

5) Verifying free disk space on your servers

6) Keeping tabs on your servers with Event Viewer

7) Verifying that all servers, applications, and databases are up and functional

8) Verifying LAN and WAN connectivity

9) Documenting and sharing procedures

10)

Security Interview Questions

Security Administrator - BASICS


1. What is a Firewall?
    A firewall is a device that acts as a security layer for all incoming and outgoing traffic for a network.
2. What is a gateway?
    Gateway is entry and exit point for a network.
3. Will a firewall act as a gateway?
     Yes
4. What are the basic configurations you do while configuring a new firewall?
    Configure LAN Network in the firewall
    Configure WAN Network in the firewall
    Write policies to allow internet, mail, etc.
5. What firewalls do you handle?
    Fortigate, Juniper, Sonicwall
6. Explain a few Fortigate firewall models.
    40c, 60c, 110c, 210b
7. Explain a few SonicWall firewall models.
    NSA 240, NSA 2400, TZ Series
8. Explain a few Juniper firewall models.
    SSG Model, SRX Models
9. What is Firmware version in Fortigate?
     Fortios 4.0 or Fortios 5.0
10. What is Firmware version in Sonic Wall?
       Sonicos 5.0
11. What is Firmware version in Juniper?
       Junos 11.0
12. How do you manage a firewall remotely?
       By enabling HTTP or HTTPS access to wan interface
13. What is a difference between Proxy & Firewall?
       A proxy server will never act as a gateway device, but a firewall acts as a gateway device.
14. What is NAT?
      NAT is an Internet standard that enables a local-area network (LAN) to use one set of IP addresses for internal traffic and a second set of addresses for external traffic. It is the process of modifying IP address information in IP packet headers while in transit across a traffic routing device.
15. Explain Different types of NAT?
       Source NAT, Destination NAT, Static NAT
16. Tell the port no for the following
       HTTP – 80, HTTPS – 443, FTP – 20 & 21, RDP – 3389, SSH – 22, IMAP – 143, SMTP – 25, POP3 – 110, MSSQL – 1433, LDAP – 389
17. Describe in general how you manage a firewall.
       Configure firewall to act as a gateway device
       Configure firewall for Load balancing/Failover with two ISP’s
       Configure firewall for writing LAN to WAN & WAN to LAN Policies
       Configure firewall for UTM Feature
       Configure firewall as VPN Server
       Monitor Network traffic and log
18. What are the different types of policy that can be configured in a firewall?
       LAN to LAN Policy, LAN to WAN Policy, WAN to LAN Policy
19. Can we set time based policy in firewall?
       Yes
20. What is the difference between router ACLs and Firewall Policies?
21. What is DMZ?
      DMZ (demilitarized zone) is a computer host or small network inserted as a "neutral zone" between a company's private network and the outside public network. It prevents outside users from getting direct access to a server that has company data.
22. Explain a scenario in which situation we plan for DMZ?
       Server or separate Networks
23. Is it possible to terminate more than two ISP’s in a firewall?
       Yes
24. What is UTM?
      Unified Threat Management indicates you get a security solution with Anti Spam, Anti Virus, Web Filtering, Web Proxy, Mail Proxy, Content Filtering, VPN and Firewall.
25. Explain about gateway antivirus?
      A feature of network security appliances that provides integrated antivirus security on the appliance to block potential threats before reaching the network. Gateway antivirus allows corporate and enterprise to check for viruses at the application layer using a web-based scanning service.
26. What is web filter?
     Web filter is a feature in firewall to block website based on category (jobs, Politics, Web Based Email, etc…), from database provided by the firewall product vendor.
27. How web filter works?
      Web Filter works with license provided by firewall, Web filter works if the firewall is able to communicate with web filter database server provided by the firewall vendor.
28. How Application filter works?
      Application filter is same as web filter to block unwanted application getting access using the common service like HTTP, HTTPS, etc…
29. What is denial of Service attack?
      Denial-of-service attack, a type of attack on a network that is designed to bring the network to its knees by flooding it with useless traffic. Many DoS attacks, such as the Ping of Death and Teardrop attacks, exploit limitations in the TCP/IP protocols. For all known DoS attacks, there are software fixes that system administrators can install to limit the damage caused by the attacks.
30. What is a vulnerability test and how do you perform the test?
      A vulnerability test is a penetration test to find all the security issues in the network; based on the test we can take action. Tools to test vulnerability are Nessus and OpenVAS.
31. What is zero day attack prevention?
    The implications of a Zero-Day attack are that the software vendors can't address the vulnerability and patch the software prior to the vulnerability's exposure. When a Zero-Day attack gets exposed along with a newly-discovered vulnerability, it may take several weeks or months for the software vendors to create a patch. In the meantime, each computer that carries the vulnerable software is exposed to the attack.
32. Is it possible to configure firewall for User Authentication for Internet Access? Explain how
       Yes, using identity-based policies
33. Explain IPS / IDS?
      An intrusion detection system (IDS) inspects all inbound and outbound network activity and identifies suspicious patterns that may indicate a network or system attack from someone attempting to break into or compromise a system.

An intrusion prevention system (IPS) is used in computer security. It provides policies and rules for network traffic along with an intrusion detection system for alerting system or network administrators to suspicious traffic, but allows the administrator to provide the action upon being alerted. Some compare an IPS to a combination of IDS and an application layer firewall for protection.
34. Explain the difference between trusted and untrusted networks?
     A trusted network is a protected network, i.e. LAN, whereas an untrusted network is an open network, i.e. WAN.
35. What is the difference between IPsec and SSL VPN?
    Traditional VPNs rely on IPsec (Internet Protocol Security) to tunnel between the two endpoints. IPsec works on the Network Layer of the OSI Model, securing all data that travels between the two endpoints without an association to any specific application.

SSL is a common protocol and most web browsers have SSL capabilities built in. Therefore almost every computer in the world is already equipped with the necessary "client software" to connect to an SSL VPN.
36. What is site to site VPN?
      Site-to-site VPN allows offices in multiple fixed locations to establish secure connections with each other over a public network such as the Internet. Site-to-site VPN extends the company's network, making computer resources from one location available to employees at other locations.
37. What is SSL?
    Secure Sockets Layer (SSL) is a commonly-used protocol for managing the security of a message transmission on the Internet. SSL has recently been succeeded by Transport Layer Security (TLS), which is based on SSL. SSL uses a program layer located between the Internet's Hypertext Transfer Protocol (HTTP) and Transport Control Protocol (TCP) layers.
38. How do we create SSL Certificate?
      We can create SSL Certificate using Certificate Server or with service providers like godaddy, etc.
39. What is the advantage of having SSL VPN over IPsec?
      SSL VPNs have been gaining in prevalence and popularity; however, they are not the right solution for every instance. Likewise, IPsec VPNs are not suited for every instance either.
40. What are the different types of VPN?
       IPsec, SSL, PPTP, L2TP
41. What requirements should a VPN fulfill?
       VPN Devices, VPN Encryption and VPN Components.
42. How many ways are there to implement VPN architecture?
43. What are the different authentication mechanisms in VPN?
      EAP authentication method, MS Chap Authentication method, unencrypted passwords (PAP), Shiva Password Authentication Protocol (SPAP)
44. Explain the basic of encryption in VPN?
      A VPN can optionally use encryption. Traditionally it uses IPsec with an encryption method such as AES or 3DES. Encryption takes a plain text and a key and then applies an algorithm to produce a ciphertext. The keys can be static or negotiated.
45. Explain different components in PKI?
      A PKI (public key infrastructure) enables users of a basically unsecure public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority.
46. Explain tunneling?
      A technology that enables one network to send its data via another network's connections. Tunneling works by encapsulating a network protocol within packets carried by the second network.
47. Can you explain static and dynamic tunnels?
       Static Tunnel: The manually created tunnels are called Static Tunnels. Static tunnels creation is the only choice when global discovery of hosts and tunnel partners are disabled by enhancing Xpress tunnels into manually created tunnels. The priority is higher when compared with static tunnel.

Dynamic Tunnel: The tunnels that are auto-discovered are known as dynamic tunnels. Dynamic tunnels are created quickly and automatically after the Packet Shaper is reset. At the time of preventing automatic tunnel, dynamic tunnels are allowed to setup the situation.  
48. Provide an overview of various components in IPsec?
       IPsec contains the following elements:

Encapsulating Security Payload (ESP): Provides confidentiality, authentication, and integrity.

Authentication Header (AH): Provides authentication and integrity.

Internet Key Exchange (IKE): Provides key management and Security Association (SA) management.
49. Describe the Authentication Header (AH) Protocol?
    Authentication Header (AH) is a member of the IPsec protocol suite. AH guarantees connectionless integrity and data origin authentication of IP packets. Further, it can optionally protect against replay attacks by using the sliding window technique and discarding old packets
50. What is ESP (Encapsulating Security Payload)?
     Encapsulating Security Payload (ESP) is a member of the IPsec protocol suite. In IPsec it provides origin authenticity, integrity, and confidentiality protection of packets. ESP also supports encryption-only and authentication-only configurations, but using encryption without authentication is strongly discouraged because it is insecure.
51. What is Transport and Tunnel mode?
      IPsec can be run in either tunnel mode or transport mode. Each of these modes has its own particular uses and care should be taken to ensure that the correct one is selected for the solution:

Tunnel mode is most commonly used between gateways, or at an end-station to a gateway, the gateway acting as a proxy for the hosts behind it.

Transport mode is used between end-stations or between an end-station and a gateway, if the gateway is being treated as a host
52. Explain IKE (Internet Key Exchange)
      Internet Key Exchange (IKE) is an IPsec (Internet Protocol Security) standard protocol used to ensure security for virtual private network (VPN) negotiation and remote host or network access. The IKE protocol ensures security for Security Association (SA) communication without the preconfiguration that would otherwise be required.
53. Explain IKE phases?
     IKE phase 1. IKE authenticates IPsec peers and negotiates IKE SAs during this phase, setting up a secure channel for negotiating IPsec SAs in phase 2.

IKE phase 2. IKE negotiates IPsec SA parameters and sets up matching IPsec SAs in the peers.
54. Explain IKE modes
       Main Mode and Aggressive Mode
55. Explain the features and model of the firewall in your organization?
56. What is your vision for organization security?
57. Tell me how firewall is placed in your organization?

VMware Interview Questions

Common Interview Questions VMware L3 Administrator



  1. What will be your daily activities in VMware?
  2. What is the difference between VMware and Hyper-V, and when do you use one over the other?
  3. When you encounter a PSOD, what steps do you follow?
  4. What do you do when you encounter the “Failed to load, swap file not found” error?
  5. What port does P2V use?
  6. What is the command to format and mount a file system?
  7. What is dvSwitch and why do you need it?
  8. What is the command you use for reading a VM dump file, and where does the dump file reside?
  9. Explain the process you follow for Physical to Virtual conversion.
  10. What is P2V Cleanup? Explain it.
  11. What do you do when the VC becomes frozen/not responding?
  12. What is ballooning? Explain it.
  13. What is DRS?
  14. What is HA and how frequently does it check host connectivity?
  15. What is AAM (Always Available Manager, Active Alert Manager) and its role?
  16. What is Forged Traffic and what is the default value it is set to?
  17. What is Promiscuous mode?
  18. What is RDM and when do you use it?
  19. What is the ks.conf file?
  20. How do you expand the root/C: drive of a VM?
  21. What are the features of VMFS?
  22. How do you restart the services of ESX and vCenter?
  23. Which port does the vCenter server listen on or use?
  24. What is traffic shaping/filtering/prioritization, NIC teaming?
  25. Suppose I select a 1 MB block size; what is the maximum file size I can have?
  26. What are Networking Policies?
  27. What network types are available in VMware?

Common Interview Questions VMware L2 Administrator


1). What's new with vSphere 5.1?
http://www.vmware.com/files/pdf/products/vsphere/vmware-what-is-new-vsphere5.pdf

2). Difference between ESX and ESXi?

3). How does vMotion work?

4). Pre-requisites of vMotion?
1. ESX servers must be configured with VMkernel ports enabled for vMotion and be on the same network segment
2. ESX servers must be managed by the same Virtual Center server
3. ESX servers must have compatible CPUs
4. ESX servers must have consistent networks and network labels
5. The VMs must be stored on shared storage - iSCSI or FC SAN or NAS/NFS
6. The VMs cannot use local CD/floppy or internal-only virtual switches on the ESX server

5). Difference between h/w version 4 vs 7 vs 8 vs 9?
http://pubs.vmware.com/vsphere-50/index.jsp?topic=%2Fcom.vmware.vsphere.upgrade.doc_50%2FGUID-68E5EDAE-66DE-43F8-9420-F424AFEADB1D.html

6). What is Storage DRS?
http://www.vmware.com/ap/products/datacenter-virtualization/vsphere/storage-drs.html

7). How is HA of vSphere 4.1 different from vSphere 5.x?
http://www.yellow-bricks.com/vmware-high-availability-deepdiv/

8). What is NMP (native multipathing)?
9). If one host is showing as disconnected in vCenter, how will you troubleshoot it?
10). What is PSOD, how will you troubleshoot it?
11). Where do the logs of hostd and vpx go?
12). What is the in-memory filesystem and with which version was it introduced?
13). Pre-requisites of FT?
14). What can be the maximum size of a snapshot, and how does it grow?
15). Commands to create a vSwitch?
16). What is lockdown mode?
17). What is CPU ready time?
18). How to enable the hot-add feature?
19). How to generate logs using the CLI?
20). What is the default location for AAM logs?
21). Difference between VMFS3 and VMFS5 filesystems?
22). How to troubleshoot VM performance using the CLI?
23). Difference between the vpxa and hostd daemons?
24). How many simultaneous vMotions are possible on a 1 Gbps network?
25). What are the default roles in vCenter?
26). What is the difference between vmdk and flat.vmdk?
27). What is "shared nothing" vMotion and its pre-requisites?
28). Licensing model in 5.0 and how it is changed in 5.1?
29). How to upgrade from ESX 3.5 to 4.0 / 4.x to 5.x?
30). What is a slot size and how is it calculated?
31). Importance of VMware Tools?
32). How many disk failures does RAID 5 support?
33). Which is better, RAID 10 or RAID 01?


Storage Questions

1). What is zoning, and what are the different types of zoning?
2). Difference between soft and hard zoning?
3). What is LUN masking?
4). What is a vault drive?
5). What is LUN masking and how is it different from zoning?
6). What is the maximum number of disks that can be placed in an EMC CLARiiON CX4-960?
7). What is LCC and its importance?
8). What is the difference between concatenation and striping in LUN expansion?
9). How is a LUN presented to a server (all steps, such as RAID grouping, LUN binding, etc.)?
10). What are WWN and IQN?
11). What are the different types of backup techniques?
12). What is deduplication?