
******************************************************
Ports
FTP - 21
DNS - 53
DHCP - 67/68
Telnet - 23
RDP - 3389
SQL - 1433
GC - 3268
LDAP - 389

ARP (Address Resolution Protocol) - Resolves IP to MAC
arp -a (View cache) & arp -d (Clear cache)
RARP (Reverse Address Resolution Protocol) - MAC to IP
GARP (Gratuitous Address Resolution Protocol) - finds if you have 2 identical IPs assigned.
******************************************************
What is a Default Gateway
Entry point to another subnet.

******************************************************
Explain DORA Process
******************************************************
How to find what port a Service is listening = netstat -aon | find ":67"
******************************************************
Explain DNS (Iterative & Recursive Query)
Iterative Query = If the DNS server is unable to find the query in its database, it will point to some other DNS servers. If it is still unable to resolve the query, it will point to dot until it finds an answer or times out.
Recursive Query = The DNS server will do the full task, i.e. it will not point to any other server and will return the output of the query. (DNS will use forwarders to find an answer.)
******************************************************
DNS Zones :
Primary Zone : stores zone info in writable format.
Secondary Zone : read-only format.
Stub Zone : copy of a zone that contains only those resource records necessary to identify the authoritative DNS server for that zone.
******************************************************

AD Partitions :
1. Schema : Contains definitions of object classes & attributes
2. Configuration : Contains information on the structure of the forest
3. Domain : Holds information on objects.
******************************************************
3 Categories of Event Viewer : System, Application & Security
******************************************************
Explain VPN
Helps remote users to access internal resources by creating a VPN tunnel.
The remote client will require a Relay Agent to access the internal network. (Relay Agent is a GRE enabled router.)
The client will get an internal IP of the server. If the client's local IP is in the same subnet as that of the server, there might be an issue connecting to the VPN because it will not come to know where to acknowledge after creating the VPN tunnel.
Port 1723 should be opened.
Protocols used : PPTP and L2TP
******************************************************
RPC Over HTTP
Used when a user from home wants to access Exchange Server using Outlook.
Remote Procedure Call : When a local client communicates with Exchange, the traffic generated is RPC, which can't run over the Internet (works in LAN). Hence when a user accesses it from home, the RPC request is tunneled into HTTPS, which is sent to the IIS server (where the RPC proxy is running). The RPC proxy server will remove the HTTPS and send the request to Exchange. Exchange will reply with RPC traffic, which is again tunneled into HTTPS and sent back to the client.
******************************************************
FSMO Roles
******************************************************
3 Important points of PDC Emulator
1. Time Sync
2. Used in Mixed Environment
3. Will always have updated password information, so if GC goes down PDC will authenticate.
******************************************************
System State : Includes AD data, Registry, COM+ class, Sysvol & System files
******************************************************

Non-Authoritative & Authoritative Restore :
Non-Authoritative : Default method of restoring AD. This restore will restore the server in question from backup & it will then receive all updates from its replicating partners.
Authoritative : This method restores the DC directory to the state that it was in when the backup was made, then overwrites all other DCs to match the restored DC, thereby removing any changes made since the backup.
******************************************************
Explain Global Catalog :
1. Maintains partial copies of other domains
2. Full replica of its domain
3. Group & group membership information.

******************************************************
IIS : Used to publish/host websites which provide a web interface for applications like SQL, Exchange.
How does IIS work : When we get a request on our webserver, it will 1st be listened for on HTTP.SYS and then passed on to w3svc (the service which manages all websites hosted on your website). In w3svc there is a worker process, w3wp.exe; this worker process will process the request and send it back to HTTP.SYS. HTTP.SYS will send the request to the requester.
******************************************************
IIS authentication :
Anonymous Authentication (IUSR_COMPUTERNAME) - no authenticated user credentials are required to access the site.
Windows Integrated Authentication - method sends user authentication information over the network as a Kerberos ticket, and provides a high level of security.
Basic Authentication (Clear Text) - requires a user ID and password, and provides a low level of security.
Digest Authentication - requires a user ID and password, and provides a medium level of security.
Windows Form based authentication (using database at the backend).
IIS 6 includes Passport Authentication - when you select this option, requests to IIS must contain valid .NET Passport credentials on either the query string or in the cookie.

******************************************************
Difference MAPI and IMAP
IMAP4 : protocol used to receive emails; used by Mac clients

******************************************************
Logging Types : Linear & Circular
Linear : File size 5 MB; if it is full it will create a new file.
Circular : Has 4 files of 5 MB; if the 4th is full it will overwrite the 1st log.
******************************************************
Dirty and Clean Shutdown :
There is a flag in the database called the dirty shutdown flag. If the database is mounted, the flag value is 1 (1 means there is some info which needs to be committed to the database file). Now if we dismount the store, all the logs will be committed and the flag will change to 0. However, if there is a power outage the flag will remain 1, as the logs are not committed since it's a dirty shutdown.

So, dirty shutdown issues can be fixed by running a soft/hard repair.
Soft Repair : We can provide the log files which are required. (Please note that soft repair is only possible with Linear Logging.)
Hard Repair : Removes the information from the database that requires the log file.

Eseutil switches
Eseutil /mh
Eseutil /r - Soft repair
Eseutil /p - Hard repair
Eseutil /g - Check integrity
Eseutil /d - Defrag (To run defrag you need 120% of the space of your database; in case you do not have that, you can run defrag to save the temp.edb in another location with /t, e.g. eseutil /d /t z:/temp)

Exchange Utilities : Exmerge, RSG, LegacyDN (Exmerge is used to merge emails of 2 Orgs, remove corruption, has a limit of 2 GB)
******************************************************
Outbound Mail Flow :
1. Message created, goes to Outbox
2. Information Store receives the message and then sends it to the Adv Queuing Engine.
3. The Message Categorizer processes the Mail Message Object
4. EXIPC (Exchange Inter Process Communicator) is responsible for communication between IIS & Exchange
5. If it's an external email, SMTP initiates an SMTP session with the remote SMTP (hosts that are identified by the routing engine). If it's an internal email it's sent to the Information Store
6. Routing Queuing Engine identifies whether it is an internal/external email.

******************************************************
What is DS2MB
When you make changes to Exchange (e.g. add a recipient policy etc.), a replication happens from AD to IIS about Exchange, which is called DS2MB (Directory Service 2 Metabase).
******************************************************
Dcgpofix : to get back default AD policies (Default Domain & Default Domain Controller policies)

Replication :
File Replication : If anything is changed on DC1, the full file is replicated to DC2.
NTDS Replication : If a user is added, only the user is replicated, not the full file.
******************************************************
Different Types of Groups :
Domain Local : Only users within the domain.
Global Group : Used to grant permissions to objects in any domain in the domain or forest. Members of a GG can include only accounts & groups from the domain in which they are defined.
Universal Group : Used to grant permissions on a wide scale throughout a domain tree or forest. Members of a UG include accounts and groups from any domain or forest.
******************************************************
How will you check if a DC is a GC ? - Dssite.msc > Default Site > DC > NTDS properties

******************************************************
Volume Shadow Copy : VSS takes a snapshot of data even when the file is in use. Copies are called shadow copies.
VSS will 1st copy the data, and when it copies it for the 2nd time it will only copy the difference, which is called Copy-on-write (same or different drive).
Can do Cloning, which will copy the full data again to a different drive.
******************************************************

SQL : Structured Query Lang. (Versions 7.0, 2000, 2005, 2008)
Database : combination of .mdf & .ldf files (.mdf are actual databases & .ldf are log files)
1. Master : Has information of all databases.
2. Model : Schema of database is stored here (Templates)
3. Temp : Temp info is stored here when you want to perform some operation.
4. msdb

3GB switch : play with allocation of memory; can assign 3 GB to User and 1 GB to Kernel for optimization. (Also called fine tune of Exchange)
PAE : to give an impression that it has more memory.
Page File : Contains all pages which are not in use but will be used in some time by the OS.
Virtual Memory : a computer technique which gives an application program the impression that it has continuous working memory.
******************************************************
Types of Registry Hives and what do you have in those ?
1. System : Contains the current values under Current Control Sets, LKG value & System Partition info & Mounted Device info
2. SAM : Security Account Manager - updated passwords of users
3. Software : All software installed on the box, including the drivers.
4. Security : Audit information.
5. Default : Information on Environment, Control Panel, Keyboard Layouts
******************************************************
OSI Layer
1. Physical Layer : (Raw Bit Physical Media) (Protocols : T1, E1) (Hub, Repeater)
2. Data Link : (Provides error free transfer of data) (Protocols : ARP, L2TP, PPP, PPTP) (Switch, Hub, NIC)
3. Network : Decides which physical path data should go (IP, IPsec, ICMP) (Router, Brouter)
4. Transport : Ensures data is delivered error free in sequence (TCP, UDP) (Router)
5. Session : Creates a session (Named Pipe, NetBIOS, SAP)
6. Presentation : Formats data to be presented (MIME, XDR)
7. Application : Serves as a window for users and application processes to access network services (HTTP, NTP, SMTP, FTP, DS)
******************************************************
Difference between TCP and UDP :
TCP : Reliable protocol; message will be delivered in sequence, hence delivery is slow.
UDP (User Datagram) : Unreliable, hence fast. Packets might get lost. Used for sending streaming media.

******************************************************
IP Classes
A = 1-126
B = 128-191
C = 192-223
D = 224-239
E = 240-255
127.0.0.0 reserved to check connectivity with itself (your own machine)
Class D reserved for Broadcast & Class E reserved for Research
******************************************************
Backup Types apart from Full :
Incremental backup : A backup of those files which have changed since the last backup of any type. Uses the least time and space, as only those files changed since the last backup are copied; lets you back up multiple versions of the same file. Makes the job of restoring files fiddly, as you have to reinstall the last full backup first, then all subsequent incremental backups in the correct order; also makes it hard to locate a particular file in the backup set.
Differential backup : A backup of those files which have changed since the last full backup. Should be performed at regular intervals. Takes up less time and space than a full backup; provides for more efficient restoration than incremental backups. Redundant information is stored, because each backup stores much of the same information plus the latest information added or created since the last full backup. Subsequent differential backups take longer and longer as more files are changed.

********************************************
