2) .MST file:- Transform files. Used for the customized installtion of applications. .MST file is used to transform the .msi file. When the .mst file is placed in the same directory as the original .msi file , it customizes the installtion.

 3) .MSP file:- used to apply service packs and hot fixes to installed software. It contains a minimum database transform procedure that adds patching information to the database of its target installation package. Should be located in the same folder where .msi file is there.

4) .ZAP file- used when repackaging an application is not an option and the windows installer is not present. ZAP file is a non windows installer package that can be created in a text editor. Looks and functions similar like an .ini file.

Moving a Database or Log File

1. Restart the domain controller.
2. Press F8 at the Startup menu, and then click Directory Services Restore Mode.
3. Select the appropriate installation if more than one exists, and then log on as an administrator at the logon prompt.

4. Start a command prompt, and then type ntdsutil.exe.NOTE: To get a list of commands that you can use at the Ntdsutil prompt, type ?.

5. At a Ntdsutil prompt, type files.
6. At the File Maintenance prompt, use one or both of the following procedures:
* To move a database, type move db to %s, where %s is the drive and folder where you want the database moved.
* To move log files, type move logs to %s, where %s is the drive and folder where you want the log files moved.
7. To view the log files or database, type info. To verify the integrity of the database at its new location, type integrity.
8. Type quit, and then type quit to return to a command prompt.
9. Restart the computer in Normal mode.

NOTE: When you move the database and log files, you must back up the domain controller.

If you do not press F8 in time to select the installation method:

1. Log on as an administrator, double-click System in Control Panel, and then click the Advanced tab.
2. Click Startup and Recovery, and then verify that the Display list of operating systems for XX seconds check box is selected.
3. Restart the domain controller, and then press F8.

For more details visit :-

http://support.microsoft.com/?kbid=257420

11. What is LDP? What is REPLMON? What is ADSIEDIT? What is NETDOM? What is REPADMIN?
LDP- For adding, removing, modifying, searching AD. GUI based.
ADSIEDIT- Used to verify the current functional level and perform low level AD editing. Used to add, edit, and delete AD objects.
NETDOM- Manages and verifies trust, join computers to domain, and verify replication ability and permissions between partners.
REPADMIN- To check replication consistency between replication partners, monitor replication status, display replication metadata, and force replication events and KCC recalculation.
REPLMON- Displays replication topology, monitor replication status including group policy, and force replication events and KCC recalculation. GUI based

12. What are sites? What are they used for?
Site is defined as one or more IP subnets that are connected by fast links. Site consists of one or more well connected IP subnets. Sites organize the replication process by defining group of servers that replicate with one another. Sites is used to determine the appropriate DC for logon

13. What is the KCC?
KCC- Knowledge consistency checker is responsible for optimization of replication by creating and maintain the replication topology. It takes info from the AD sites and services.
14. What is the ISTG? Who has that role by default?
ISTG- Inter site topology generator. Process used to initiate the creation and management of the replication topology between sites. Responsible for selecting the bridgehead server. Held by One DC at each site. Fully automatic is the DC designation process
15. What are the requirements for installing AD on a new server?
a. Server running Windows 2003 standard edition, enterprise edition, datacenter edition.
b. Admin account and password on the local machine
c. NTFS file structure for SYSVOL folder
d. 200 MB free space on the ntfs partition
e. 50 MB space for transaction log files
f. TCP/IP installed and configured
g. DNS ready
16. What is tombstone lifetime attribute?
A tombstone is what is left of an object that has been deleted. Deleted objects are not completely removed from the AD database. They are marked for deletion. Lifetime of 60 days by default.
17. What’s the difference between LDIFDE and CSVDE? Usage considerations?
LDIFDE- LDAP Data Interchange Format Directory Exchange. Import or export of AD information. Add , delete, modify objects in AD. Can modify schema also if necessary. Can also import from other like Novell
CSVDE-Comma Separated Value directory Exchange- Import or export AD info from a .csv file. Cannot modify or delete objects.
18. What are the FSMO roles? Who has them by default? What happens when each one fails?
Flexible Single Master Operation roles. Specialized roles performed by specific servers. DC has them. Domain specific roles-
a. Relative Identifier (RID) master
b. Infrastructure Master
c. Primary domain controller (PDC) emulator

Forest specific roles-

a. Domain naming master
b. Schema master
19. What FSMO placement considerations do you know of?
a. The number of domains that are or will be part of the forest
b. The physical structure of the network
c. Number of DC available in each domain
20. What’s the difference between transferring a FSMO role and seizing one? Which one should you NOT seize? Why?
Role Transfer- Moving role from one DC to another. Done to provide improved performance or when a DC will be taken offline for maintenance.
Role Seizure- Used when there is a catastrophic failure of a DC holding a role. Seizing a role can be defined as a forced, permanent transfer. This procedure assumes that you cannot restore the DC that previously held the role.
21. How do you backup AD?
Backup and restore wizard
22. How do you restore AD?
ntdsutil
23. What are GPOs?
A collection of group policy settings. GPO is essentially the documents created by the group policy snap-in, a windows utility. GPOs are stored at domain level and they affect the users and computers contained in sites, domains and ou.
24. What is the order in which GPOs are applied?
a. Local Policies
b. Site Policies
c. Domain Policies
d. OU policies
25. Name a few benefits of using GPMC.
GPMC provides a single access points to all aspects of group policy that are spread across a network
a. Single point of admin
b. Importing and copying the GPO to and from the file sys
c. Back up and restoration of GPO
d.
26. What are the GPC and the GPT? Where can I find them?
GPC- Group Policy container- An AD container that stores properties of the GPO. Can be viewed by using the advanced features view settings in AD users and computers. Named according to the GUID. Given to the policy when it is created.
GPT- Group Policy template-GUID named folder that stores policy settings such as security and script files. Located in policies sub folder of SYSVOL volume within AD. GPT stored in %SystemRoot%\SYSVOL\sysvol\domainname\Policies\GUID

27. What can I do to prevent inheritance from above?
a. No Override
b. Block Policy Inheritance
c. Loopback

28. How can you determine what GPO was and was not applied for a user? Name a few ways to do that.
RSOP,
29. What are administrative templates?
Built in templates that provide predefined registry based policy settings that can be used to configure computer and user accounts within Active directory. These templates are based on Unicode text files with an .adm extension. Windows server 2003 administrative templates based on five .adm files that are included with the OS.
30. What’s the difference between software publishing and assigning?
Software Publishing- Available only under user configuration\software settings\software installation extensions. Published application is visible in ADD/REMOVE programs. It is not listed as an option in the start menu or desktop. If u want to give the users the choice to use the application as per their choice.
Software Assigning- software visible in start menu or desktop,. If u want that users should use only the predefined application then use this.
31. Can I deploy non-MSI software with GPO?
Using .ZAP extension . it is a non windows installer package that can be created in a text editor. Similar in looks and functionality to INI files.

32. Which support tools are being used to troubleshoot the DNS issues?
2003 support tools added DNS tests to DCDIAG that the 2000 tools don’t have. Also for general connectivity/DNS testing Netdiag is very helpful. Plus…there’s dnscmd, dnslint….. and of course network monitor captures..

33. What tools are you familiar with AD General Heath Check?
DCDIAG /v

34. What port Kerberos uses and what is Kerberos? What is KCC, and Explain bi-directional ring with extra edges?
Port 88 UDP and TCP. Kerberos Version 5 is standard on all versions of Windows 2000 and later plus ensures the highest level of security to network resources. The Kerberos protocol name is based on the three- headed dog figure from Greek mythology known as Kerberos. The three heads of Kerberos comprise the Key Distribution Center (KDC), the client user and the server with the desired service to access. The KDC is installed as part of the domain controller and performs two service functions: the Authentication Service (AS) and the Ticket-Granting Service (TGS). Kerberos is totally different beast than LM/NTLM. You get tickets instead of contently doing ‘challenge/response’. but, in an environment you will never ONLY use Kerberos. For things like non-interactive logins(OWA), cross domain SMB access, and many other instances you will fall back to NTLM (v2 if you’re setup to not use v1 or LM which are security risks as they store hashes on the servers that can be cracked)

35. Explain Journal Wrap, how it happens and how can it be fixed
NTFS maintains a special log called the NTFS USN journal, which is a high-level description of all the changes to files and directories on an NTFS volume. FRS uses this mechanism in order to track changes to NTFS directories of interest, and to queue those changes for replication to other computers. The NTFS USN journal has defined size limits and will discard old log information on a first-in, first-out basis in order to maintain its correct size. If FRS processing falls behind the NTFS USN journal, and if NTFS USN journal information that FRS needed has been discarded, then FRS enters a journal wrap condition. FRS then needs to rebuild its current replication state with respect to NTFS and other replication partners.

36. Explain lingered object and how to troubleshoot the issues related to it
LingeringObjects are introduced by DCs/GCs that have been offline or failed to replicate for the tombstone lifetime. Say that DC A and B are online. B goes offline. 10 users get deleted from A. The 10 users remain in deleted items for 60 days or whatever its set to. (Tombstone lifetime). If you bring B back up any time before the 60 days are up, no problem. During replication, B would move the users to deleted items just as on A. But, if its brought up AFTER, those deleted users aren’t in the A database at all, anywhere so B knows they aren’t on A but has no way of knowing what happened to them. So they remain in B’s database as lingeringobjects. Most places use strictreplication consistency to avoid replicating the objects around which could cause problems.

Resolution: To perform a nonauthoritative restore, stop the FRS service, configure the BurFlags registry key, and then restart the FRS service. To do so:
1. Click Start, and then click Run.
2. In the Open box, type cmd and then press ENTER.
3. In the Command box, type net stop ntfrs.
4. Click Start, and then click Run.
5. In the Open box, type regedit and then press ENTER.
6. Locate the following subkey in the registry:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\NtFrs\Parameters\Backup/Restore\Process at Startup
7. In the right pane, double-click BurFlags.
8. In the Edit DWORD Value dialog box, type D2 and then click OK.
9. Quit Registry Editor, and then switch to the Command box.
10. In the Command box, type net start ntfrs.
11. Quit the Command box.

Lingering objects may be a problem in the following scenarios:
•The lingering object is holding a value on a unique attribute, such as samAccountName, that another object wants to use.
•The lingering object is a security risk, for example, it may represent a user that you should have deleted.
•The lingering object only exists in the read-only naming context (global catalog). This behavior makes the object difficult to delete.
If you enable Strict Replication Consistency, a destination stops replicating and you receive the error message that is described in the “Symptoms” section of this article if the destination receives modifications for an object that it does not have. Typically, this problem occurs when a good domain controller that does not have the object replicates in a change to a lingering object from a bad source that has been out of contact.
If you enable Loose Replication Consistency, if a destination receives a change to an object that it does not have, the entire object is replicated to the target for the sake of replication consistency. This behavior causes a lingering object to be reapplied to all domain controllers in the replication topology.
TO REMOVE: 2003 support tools Repadmin has a /removelingeringobjects switch that helps. 2000 is much more difficult, especially in they are in the GC partions that are READ ONLY. You can’t delete from READ ONLY. This is where an “operational” attribute comes into play. Progamatically, at RootDSE, an operational attribute called ‘removelingeringobject’ with info about the object is written. You’re essentially telling AD to delete it for you since its read only and you can’t.

37. If you have 12 domains how may FSMO roles do you will have in your Forest
(38 Roles)

38. What’s the difference between local, global and universal groups?

Domain local groups assign access permissions to global domain groups for local domain resources. Global groups provide access to resources in other trusted domains. Universal groups grant access to resources in all trusted domains.

39. I am trying to create a new universal user group. Why can’t I?

Universal groups are allowed only in native-mode Windows Server 2003 environments. Native mode requires that all domain controllers be promoted to Windows Server 2003 Active Directory.

40. What is LSDOU?
It’s group policy inheritance model, where the policies are applied to Local machines, Sites, Domains and Organizational Units.

41. Why doesn’t LSDOU work under Windows NT?

If the NTConfig.pol file exist, it has the highest priority among the numerous policies
.
42. Where are group policies stored? %SystemRoot%System32\GroupPolicy

43. You change the group policies, and now the computer and user settings are in conflict. Which one has the highest priority? The computer settings take priority.

44. You want to set up remote installation procedure, but do not want the user to gain access over it. What do you do? gponame–> User Configuration–> Windows Settings–> Remote Installation Services–> Choice Options

45. What’s contained in administrative template conf.adm? Microsoft NetMeeting policies

46. How can you restrict running certain applications on a machine? Via group policy, security settings for the group, then Software Restriction Policies.

47. You need to automatically install an app, but MSI file is not available. What do you do? A .zap text file can be used to add applications using the Software Installer, rather than the Windows Installer.

48. What’s the difference between Software Installer and Windows Installer? The former has fewer privileges and will probably require user intervention. Plus, it uses .zap files.

49. What can be restricted on Windows Server 2003 that wasn’t there in previous products? Group Policy in Windows Server 2003 determines a users right to modify network and dial-up TCP/IP properties. Users may be selectively restricted from modifying their IP address and other network configuration parameters.

50. How frequently is the client policy refreshed? 90 minutes give or take.

51. Where is secedit? It’s now gpupdate

52. You want to create a new group policy but do not wish to inherit. Make sure you check Block inheritance among the options when creating the policy.

53. What is “tattooing” the Registry?
The user can view and modify user preferences that are not stored in maintained portions of the Registry. If the group policy is removed or changed, the user preference will persist in the Registry.

54. How do you fight tattooing in NT/2000 installations? You can’t.

55. How do you fight tattooing in 2003 installations? User Configuration – Administrative Templates – System – Group Policy – enable – Enforce Show Policies Only.

56. What does IntelliMirror do? It helps to reconcile desktop settings, applications, and stored files for users, particularly those who move between workstations or those who must periodically work offline.

57. What’s the major difference between FAT and NTFS on a local machine? FAT and FAT32 provide no security over locally logged-on users. Only native NTFS provides extensive permission control on both remote and local files.

58. How do FAT and NTFS differ in approach to user shares? They don’t, both have support for sharing.

59. Explan the List Folder Contents permission on the folder in NTFS. Same as Read & Execute, but not inherited by files within a folder. However, newly created subfolders will inherit this permission.

60. I have a file to which the user has access, but he has no folder permission to read it. Can he access it? It is possible for a user to navigate to a file for which he does not have folder permission. This involves simply knowing the path of the file object. Even if the user can’t drill down the file/folder tree using My Computer, he can still gain access to the file using the Universal Naming Convention (UNC). The best way to start would be to type the full path of a file into Run… window.

61. For a user in several groups, are Allow permissions restrictive or permissive? Permissive, if at least one group has Allow permission for the file/folder, user will have the same permission.

62. For a user in several groups, are Deny permissions restrictive or permissive? Restrictive, if at least one group has Deny permission for the file/folder, user will be denied access, regardless of other group permissions.

63. What hidden shares exist on Windows Server 2003 installation? Admin$, Drive$, IPC$, NETLOGON, print$ and SYSVOL.

64. What’s the difference between standalone and fault-tolerant DFS (Distributed File System) installations? The standalone server stores the Dfs directory tree structure or topology locally. Thus, if a shared folder is inaccessible or if the Dfs root server is down, users are left with no link to the shared resources. A fault-tolerant root node stores the Dfs topology in the Active Directory, which is replicated to other domain controllers. Thus, redundant root nodes may include multiple connections to the same data residing in different shared folders.

65. We’re using the DFS fault-tolerant installation, but cannot access it from a Win98 box. Use the UNC path, not client, only 2000 and 2003 clients can access Server 2003 fault-tolerant shares.

66. Where exactly do fault-tolerant DFS shares store information in Active Directory? In Partition Knowledge Table, which is then replicated to other domain controllers.

67. Can you use Start->Search with DFS shares? Yes.
68. What problems can you have with DFS installed? Two users opening the redundant copies of the file at the same time, with no file-locking involved in DFS, changing the contents and then saving. Only one file will be propagated through DFS.

69. I run Microsoft Cluster Server and cannot install fault-tolerant DFS. Yeah, you can’t. Install a standalone one.

70. Is Kerberos encryption symmetric or asymmetric? Symmetric.

71. How does Windows 2003 Server try to prevent a middle-man attack on encrypted line? Time stamp is attached to the initial client request, encrypted with the shared key.

72. What hashing algorithms are used in Windows 2003 Server? RSA Data Security’s Message Digest 5 (MD5), produces a 128-bit hash, and the Secure Hash Algorithm 1 (SHA-1), produces a 160-bit hash.

73. What third-party certificate exchange protocols are used by Windows 2003 Server? Windows Server 2003 uses the industry standard PKCS-10 certificate request and PKCS-7 certificate response to exchange CA certificates with third-party certificate authorities.

74. What’s the number of permitted unsuccessful logons on Administrator account? Unlimited. Remember, though, that it’s the Administrator account, not any account that’s part of the Administrators group.

75. If hashing is one-way function and Windows Server uses hashing for storing passwords, how is it possible to attack the password lists, specifically the ones using NTLMv1? A cracker would launch a dictionary attack by hashing every imaginable term used for password and then compare the hashes.

76. What’s the difference between guest accounts in Server 2003 and other editions? More restrictive in Windows Server 2003.

77. How many passwords by default are remembered when you check “Enforce Password History Remembered”? User’s last 6 passwords.

78. What connector type would you use to connect to the Internet, and what are the two methods of sending mail over that connector? – SMTP Connector: Forward to smart host or use DNS to route to each address

79. What would a rise in remote queue length generally indicate? – This means mail is not being sent to other servers. This can be explained by outages or performance issues with the network or remote servers.

80. What would a rise in the Local Delivery queue generally mean? – This indicates a performance issue or outage on the local server. Reasons could be slowness in consulting AD, slowness in handing messages off to local delivery or SMTP delivery. It could also be databases being dismounted or a lack of disk space.

81. What are the standard port numbers for SMTP, POP3, IMAP4, RPC, LDAP and Global Catalog? – SMTP – 25, POP3 – 110, IMAP4 – 143, RPC – 135, LDAP – 389, Global Catalog – 3268

82. Name the process names for the following: System Attendant? – MAD.EXE, Information Store – STORE.EXE, SMTP/POP/IMAP/OWA – INETINFO.EXE

83. What are the disadvantages of circular logging? – In the event of a corrupt database, data can only be restored to the last backup.

84. What is a level 0 backup?

Level 0 backup is normal or full backup. A normal backup disregards the archive bit in all files and backs up all files and folders selected, regardless of when they were modified. A normal backup is the most complete type of backup, and the only type of backup that can be used to back up the registry and other critical system files. A normal backup takes the longest amount of time to back up and recover. A normal backup clears the archive bit on all files after backing up. Level 0 — Striped Disk Array without Fault Tolerance: Provides data striping (spreading out blocks of each file across multiple disk drives) but no redundancy. This improves performance but does not deliver fault tolerance. If one drive fails then all data in the array is lost.

85. What is an incremental backup?

An incremental backup is the quickest method for performing backups of data. An incremental backup only backs up files that have been created or modified (their archive bit is set to 1) since the last normal or incremental backup. An incremental backup also clears the archive bit (sets the archive bit back to 0) of all files that it backs up.

86. What steps are required to perform a bare-metal recovery?

reinstall the os.
start -> run -> type “ntbackup” -> ok -> next -> select restore -> next -> select backup files -> next -> finish

Most bare-metal recovery solutions require that a minimal OS be installed back onto the system. There is software out there that can assist with this. However it’s usually easier to just boot a box from a CD or network server, install a base OS, and recover from the last known good backup.

87. Name key files or directories on a UNIX system that should always be backed up.
/etc, /boot, /home

SOLARIS systems:
/etc – System configuration information.
/var/adm – additional log directory for Solaris.
/var/log – preserve log data for forensics if needed.
LINUX Systems:
/etc – system configuration information.
/boot – Linux kernel information
/var/log – Log data for forensics if needed.

88. Name key files or directories on a Windows system that should always be backed up.
%SystemDrive%\Documents and Settings

89. What is RAID 0?

RAID’s are of 2 types H/W and S/W RAID.
RAID 0 is basically a type of S/W RAID that ships with Windows Server..
It is a highly performance striped volume without parity…
The data is distributed into different parts and the placed over different volumes and hence improving the response time… You can use this with disks Betw. 2 to 32. you can not mirror a striped volume rather u can make fault tolerant by backing it up..

90. What is RAID 0+1? Why is it better than 0?

raid 0: it’s a striping process that means data’s dividing
raid 1: it’s a mirroring process so that raid 1 s better than raid 0
raid5: this s also striping and parity process
in this raid 5 used 4 partations.4 th one s spare
in case 2 nd partition s failed spare (i mean 4 th ) s activate to 2 nd partition
RAID 1+0:
Mirroring + Striping: _MIRRORS_ are striped across multiple disks. Faster than 0+1, but not as redundant.

91. What is RAID-5?

RAID 5:
RAID with parity. Data is striped across multiple disks. A disk or disks in a RAID-5 set is reserved for parity information. This way data can be reconstructed using the parity information.

92. Why would you NOT want to encapsulate a root directory with Veritas?

This is not nessacarily the case anymore with versions of VxFS greater than 4.5. root disk encapsulation requires kernel-level drivers in most cases. Because of this, encapsulating the root partition can make it unreadable in a bare-metal recovery situation.

93. What is concatenation?

Concatination is a process whereby multple disk drives are combined into a larger volume. e.g. 2 drives, 1 30 GB drive, and a 10 GB drive are combined to present a 40GB drive to the OS.

94. What is striping?

A technique for spreading data over multiple disk drives. Disk striping can speed up operations that retrieve data from disk storage. The computer system breaks a body of data into units and spreads these units across the available disks. Systems that implement disk striping generally allow the user to select the data unit size or stripe width. Disk striping is available in two types. Single user striping uses relatively large data units, and improves performance on a single-user workstation by allowing parallel transfers from different disks. Multi-user striping uses smaller data units and improves performance in a multi-user environment by allowing simultaneous (or overlapping) read operations on multiple disk drives. Striping is a process whereby data is split across multiple disks. This is typically done with identical drives. Data being written is split into small blocks (8-32K typically) and written across as many drives that are in the striped volume. The block-size is typically called an ‘interlace’ or ‘interleave’ factor. This makes writing and reading data much faster than writing to a single disk.

95. What is a spindle?

Spindles are the center-points of disk drives.. the rotating shaft. The reason this question could be relevant is that when discussing RAID, it’s not uncommon to hear terms like “Spliting data across as many spindles as possible to achieve performance”…

4. What is APIPA?
A TCP/IP feature in windows that automatically configures a unique IP address from the range 169.254.0.1 to 169.254.255.254 and a subnet mask of 255.255.0.0 when the tcp/ip protocol is configured for dynamic addressing and a DHCP server is not available. The apipa range is reserved by the IANA and are not used on internet.
5. What is an RFC? Name a few if possible (not necessarily the numbers, just the ideas behind them)
Request for comments- An official document of the Internet Engineering Task force that specifies the details for protocols included in the TCP/IP family
6. What is DHCP? What are the benefits and drawbacks of using it?
DHCP is an open, industry standard protocol that reduces the complexity of networks based on TCP/IP. Defined in RFC 2131 and RFC2132.
Benefits-
a. Centralised administration of IP Configuration
b. Dynamic host configuration
c. Seamless IP host configuration
d. Flexibility
e. Scalability

7. What is the DHCPNACK and when do I get one? Name 2 scenarios.
Sent by a DHCP server to a DHCP client to deny the client’s DHCPREQUEST. This might occur if the requested address is incorrect because the client has moved to a new subnet or because the DHCP client’s lease expired and cannot get renewed. After receiving the DHCPNACK message the client must begin the lease or renewal or lease process again.
8. What ports are used by DHCP and the DHCP clients?
UDP 67 & 68
9. What is DHCPINFORM?
Sent from DHCP client to DHCP server to ask only for additional local configuration parameters; the client already has a configured IP address. This method is also used to detect unauthorized DHCP servers.

10. What are User Classes and Vendor Classes in DHCP?
User Classes- Created at the discretion of the DHCP Administrator
Vendor Classes- Created by the vendor and could not be changed
11. What is the BOOTP protocol used for, where might you find it in Windows network infrastructure?
A protocol used primarily on TCP/IP networks to configure diskless workstations. RFC 951 & RFC 1542 defines this.
12. DNS zones – describe the differences between the 4 types.
a. Standard primary zones- stores a read/write copy of the dns zones in which resource records are created and managed. Only one server can host and load the master copy of the zone, no additional primary servers for the zone are permitted, and only the server hosting the primary zone is allowed to accept dynamic updates and process zone changes.
b. Standard secondary zone- is a read only copy of the standard primary dns zone. performing a zone transfer which is done by simply copying the zone file from the primary to secondary server, creates a secondary zone.ven secondary zone is created, u must specify the IP address of one or more master dns servers from which u want to copy the zone. these are referred as secondary zone database files. These database files are regularly updated from the primary zone database.
c. in-addr.arpa zones- used for ip address to host name resolution. eg- reverse look up zone for the subnet 192.168.100.0 is 100.168.192.in-addr.arpa .in-addr.arpa domain tree makes use of the pointer (PTR) resource records, which is used to associate the IP address with the host names. Reverse look up queries often are used by network applications for verification rather than identification or as a tool for monitoring and troubleshooting the DNS service. in-addr.arpa- ipv4 ip6.arpa- ipv6. reverse dns zones have the same start of authority (SOA) and name server (NS) resource records as forward look up zones.
d. Stub zones- is a copy of a zone that contains only those resource records necessary to identify the authoritative dns servers for that zone. a stub zone is a pointer to the dns server that is authoritative for that zone, and it is used to maintain or improve dns resolution efficiency. Contains a subset of zone data consisting of SOA, NS and an A record. Resource record in stub zone cannot be modified. it enables a dns server to perform recursion by using the stub zone’s list of name servers without needing to query the internet or internal root server for the dns namesapce.

13. DNS record types – describe the most important ones.
Start Of Authority (SOA) records- indicates the starting point or original point of authority for information stored in a zone. It contains all the zone specific information for the dns server to use when maintaining the zone. first resource record created when a creating a zone.
Name server (NS) resource record- identifies a dns server that is authoritative for a zone. Name of the dns server that is authoritative for a zone is stored in RDATA field. Used to indicate both primary and secondary dns servers for the zone specified in the SOA resource record and to indicate the dns servers for any delegated zones. In case of multiple authoritative server u need to have ns record for each server. 1st ns record is created when zone is created
HOST ADDRESS (A) RESOURCE record- maps fqdn to ip address following fields-
a. owner, ttl, class and type
b. rdata field is the ip address of the owner
PTR Resource Record- performs reverse function of the A resource record by mapping ip add to fqdn
Canonical name resource record (CNAME) creates alias for a specified fqdn. to hide implementation details of ur network from the clients that connects to it. eg- ftp.na.contoso.com IN CNAME ftp1.na.contoso.com
Mail exchange (MX) resource record- specifies a server that is willing to act as a mail server for a dns name. Mail server identified by an MX record is a host that either processes or forwards mails for a dns name. smtp smart host- host capable of using mx records
SRV (service locator) resource record- helps to specify location of servers that provide a specific network service over a specific protocol and in a specific domain. netlogon service uses the srv records
format-_service_protocol.name[ttl] class srv priority weight port target
14. What is the “in-addr.arpa” zone used for?
in-addr.arpa zones- used for ip address to host name resolution. eg- reverse look up zone for the subnet 192.168.100.0 is 100.168.192.in-addr.arpa . in-addr.arpa domain tree makes use of the pointer (PTR) resource records, which is used to associate the IP address with the host names. reverse look up queries often are used by network applications for verification rather than identification or as a tool for monitoring and troubleshooting the DNS service.
in-addr.arpa- ipv4; ip6.arpa- ipv6
15. Name 3 benefits of using AD-integrated zones.
a. fault tolerance- information stored in multiple servers
b. security- DACL can be used to assign relevant right for modifying the zones
c. zones are multimaster- zones can be updated in more than one location. all sc wher zone is stored can be modified
d. efficient replication- AD replication aids the dns replication
e. secondary zones- zones stored in AD can also b transferred in the same way
16. What are the benefits of using Windows 2003 DNS when using AD-integrated zones?
a. fault tolerance- information stored in multiple servers
b. security- DACL can be used to assign relevant right for modifying the zones
c. zones are multimaster- zones can be updated in more than one location. all sc wher zone is stored can be modified
d. efficient replication- AD replication aids the dns replication
e. secondary zones- zones stored in AD can also b transferred in the same way

17. What are the benefits and scenarios of using Stub zones?
stub zones- is a copy of a zone that contains only those resource records necessary to identify the authoritative dns servers for that zone. a stub zone is a pointer to the dns server that is authoritative for that zone, and it is used to maintain or improve dns resolution efficiency. contains a subset of zone data consisting of SOA, NS and an A record. resource record in stub zone cannot be modified. it enables a dns server to perform recusrsion by using the stub zone’s list of name servers without needing to query the internet or internal root server for the dns namesapce. helps to distribute a list of the authoritative dns servers for a zone without using secondary zones.stub zone does not provide redundancy or load sharing
18. What are the benefits and scenarios of using Conditional Forwarding?
Conditional forwarder forwards queries according to specific domain names. Enables a DNS server to forward queries to other DNS servers based on the DNS names in the queries.
Used in case of merger of two companies.
19. What are the differences between Windows Clustering, Network Load Balancing and Round Robin, and scenarios for each use?
Round Robin- Load balancing mechanism used by DNS servers to share and distribute network resource loads. If multiple resource records satisfy a query, you can use round robin to rotate the order of resource record types returned to the client. By default, DNS uses round robin to rotate the order of resource record data returned in query answers in which multiple reoruce records of the same type exist for a queried DNS domain name.
20. How do I clear the DNS cache on the DNS server?
Ipconfig /flushdns
21. What is WINS and when do we use it?
A software service that dynamically maps IP addresses to computer names (Netbios names). Enables users to access resources by names instead of requiring them to use IP addresses that r difficult to remember.
22. What is the difference between tombstoning a WINS record and simply deleting it?
Tombstoning means keeping the deleted records. Default time is 60 days.
23. Describe the role of the routing table on a host and on a router.
Routing table contains entries called routes that provide directions toward destination networks or hosts. It servers as a decision tree that enables to IP to decide the interface and gateway through which it should send the outgoing traffic.
24. What are routing protocols? Why do we need them? Name a few.
RIP, OSPF, IGMP, DHCP RELAY AGENT
25. What is VPN? What types of VPN does Windows 2000 and beyond work with natively?
Extension of a private network that encompasses encapsulated, encrypted, and authenticated links across shared or public networks, VPN connections can provide remote access and routed connections to private networks over the internet.
26. How does SSL work?
A proposed open standard for establishing a secure communication channel to prevent the interception of critical information like credit card numbers.
27. How does IPSec work?
IPSEC is a suite of protocols and cryptographic algorithms that provide security at the internet layer, regardless of the application sending or receiving data.
28. What can you do with NETSH?
The Network Shell utility (Netsh.exe) can perform a wide range of system configuration tasks. You can use commands in the Netsh Interface IP context to configure the TCP/IP protocol (including addresses, default gateways, DNS servers, and WINS servers) and to display configuration and statistical information.

Once the server is restarted the issue is resolved.

New and update features:-

1. Internet Information Services (IIS) v6.0 – A significantly improved version of IIS.
2. Increased default security over previous versions, due to the built-in firewall and having most services disabled by default.
3. Significant improvements to Message Queuing.
4. Manage Your Server – a role management administrative tool that allows an administrator to choose what functionality the server should provide.
5. Improvements to Active Directory, such as the ability to deactivate classes from the schema, or to run multiple instances of the directory server (ADAM)
6. Improvements to Group Policy handling and administration
7. Provides a backup system to restore lost files
8. Improved disk management, including the ability to back up from shadows of files, allowing the backup of open files.
9. Improved scripting and command line tools, which are part of Microsoft’s initiative to bring a complete command shell to the next version of Windows.
10. Support for a hardware-based “watchdog timer”, which can restart the server if the operating system does not respond within a certain amount of time.