Windows admin interview questions

By admin , September 3, 2004

1. escribe how the ! lease is obtained. It`s a Iour-step process consisting oI (a) IP
request, (b) IP oIIer, , IP selection and (d) acknowledgement.
2. can`t seem to access the nternet, don`t have any access to the corporate network
and on ipconfig my address is 169.254.`.`. What happened? %e 169.254.*.* netmask
is assigned to Windows macines running 98/2000/XP iI te DHCP server is not
available. %e name Ior te tecnology is APIPA (Automatic Private Internet Protocol
Addressing).
3. We`ve installed a new Windows-based ! server, however, the users do not
seem to be getting ! leases off of it. %e server must be autorized Iirst wit te
Active Directory.
4. ow can you force the client to give up the dhcp lease if you have access to the client
!? ipconIig /release
5. What authentication options do Windows 2000 Servers have for remote clients?
PAP, SPAP, CHAP, MS-CHAP and EAP.
6. What are the networking protocol options for the Windows clients if for some
reason you do not want to use T!!? WLink (ovell), etBEUI, Apple%alk
(Apple).
7. What is data link layer in the OS reference model responsible for? ata link layer
is located above the physical layer, but below the network layer. %aking raw data bits
and packaging tem into Irames. %e network layer will be responsible Ior addressing te
Irames, wile te pysical layer is reponsible Ior retrieving and sending raw data bits.
8. What is binding order? %e order by wic te network protocols are used Ior client-
server communications. %e most Irequently used protocols sould be at te top.
9. ow do cryptography-based keys ensure the validity of data transferred across the
network? Eac IP packet is assigned a cecksum, so iI te cecksums do not matc on
bot receiving and transmitting ends, te data was modiIied or corrupted.
10.Should we deploy !SE-based security or certificate-based security? %ey are
really two diIIerent tecnologies. IPSec secures te %CP/IP communication and protects
te integrity oI te packets. CertiIicate-based security ensures te validity oI
autenticated clients and servers.
11.What is LMOSTS file? It`s a Iile stored on a ost macine tat is used to resolve
etBIOS to speciIic IP addresses.
12.What`s the difference between forward lookup and reverse lookup in S? Forward
lookup is name-to-address, te reverse lookup is address-to-name.
13.ow can you recover a file encrypted using EFS? Use te domain recovery agent.
14.1. ow to you keep yourself updated on network security -or- Where do you get
updates on security?
15.%is type oI question is meant to see te interest oI te candidate in keeping abreast in te
Iield oI network security. II te candidate puts up a blank Iace, it is time to call next
candidate. One can speciIy 'news alerts or any website(s) s/e cecks out Ior latest
inIormation about security.
16.2. f you need to encrypt and compress data for transmission, how would you
achieve it?
17.%e candidate may start explaining wat is data encryption, ow s/e would encrypt te
data and ten compress it Ior transmission. However, te actual answer would be to
explain ow to compress and ten talk about encryption. Encrypting compressed data
oIten leads to loss oI data.
18.. What factors would you consider before deploying a web intrusion detection
system?
19.An open question, te interviewer is trying to assess te knowledge oI candidate in
diIIerent Iields associated wit web intrusion. %ese include: SSL; H%%P protocol;
logging; alert mecanism; and signature update policies.
20.4. What is ross site scripting?
21.%oug te answer is straigtIorward, most candidates are unaware oI te term. One oI
te most important security issues, cross scripting reIers to pising attempts by a
website tat employs a java script tat leads to deploying a malware witout te
knowledge oI user.
22.5. ow does the TT! handle state?
23.%e answer is tat H%%P cannot andle states. However, tere is a ack. It employs use
oI cookies to andle te state.
24.6. n context of public key encryption, if you are using both signature and
encryption features, what key will you use for encryption and which one will you use
for signing?
25.Answer is simple. One would always sign using teir key so te public key is used Ior
encryption. Most oI te candidates tend to name public key Ior bot signing and
encryption. %ey miss out te point tat public key encryption also includes a private
key.
26.. What type of network do you use at home?
27.Again, tis question is employed to assess te skills and networking background oI
candidates. 'I don`t ave a network at ome but I ave andled networks at so and so
places is better tan saying 'sorry, I don`t ave a network at ome. %e latter would
send out a signal tat te candidate never ad exposure to networks.
28.. What is ross Site Request Forgery and how to defend against it?
29.%e question can also be in two parts, in wic case, candidates witout knowledge oI
CSRF would get lost. II asked combined, candidates can guess tat cross site request
Iorgery is someting tat relates to malicious scripting wit pising intentions. %e
question may also be Iramed as 'wat is cross site request. In tis case, candidates
cannot even guess tat it is someting malicious as te word Iorgery` is not tere.
30.9. ame the port used by !.
31.Always remember tat PI does not use any port. As PI is based upon layer 3
protocol, it never uses any computer port. A simple variation oI te question could be:
Does PI use UDP? Or Does PI use %CP? Again remember tat UDP and %CP are
layer 4 protocols and PI as noting to do wit tem.
32.10. Security Life ycle.
33.It can be prased in many ways: wat comes Iirst vulnerability or treat? How do you
design a system wit some options given? %e candidate needs to answer tese questions
using is/er own experience and opinions. %e objective is ow best te candidate can
explain wat you asked.
34.%ese are just some oI te network security interview questions tat are meant to give
you an idea oI ow a security interview goes. II you wis to sare your experience or
wis to add anyting, please Ieel Iree to sare using comments box.