Sa questions Flashcards

1
Q
If you are setting up a new Microsoft 2008 domain, what servers and server roles would you need?
A

Active Directory, File Server, Print Server, DHCP, DNS. Extra if they say IIS, SharePoint, SQL, Microsoft Exchange, and so on.

2
Q
What are the three types of log files in the Event Viewer?
A

Application logs, security logs, system logs.

They contain error logs, warnings, and information logs.

3
Q
You come into work one morning and your server has crashed and is on the blue screen of death. What are the first few things you would do?
A

Write down the 0xXXX error code on the blue screen and Google it and check the Microsoft website.

Check the event logs for the error log at the time of the crash and investigate the logs to see what the server was doing prior to the crash.

If kernel crash dump is turned on, locate the temp folder that has the crash dump and analyze it to see what caused the crash.

4
Q

What Microsoft tool can you use to look for open ports on a server?

A

Using the netstat command.

Bonus if they know: netstat -an | find /i "listening"

You can also Telnet to a port.
5
Q

How would you create and delete a hidden administrative share on a file server and not use command prompt or Explorer?

A

Administrative Tools > Computer Management > Shared Folders > right-click Shares and create a new file share > type the path of the folder to share, then type the name with a $ sign at the end.

NAME$

Make the share accessible to administrators only (other users have no access) and click Finish.

6
Q

What would be some instances where it would be a good idea to utilize SAN technology?

A

Storage area network. SANs are storage devices that attach to a server and appear as if they were attached locally to the operating system.

SANs are best utilized in instances of clusters and high-availability technology that need to utilize a single shared logical drive, or servers that are running databases or Exchange with heavy disk and page file utilization.

7
Q

What are some Active Directory MMC snap in tools? What do they do?

A

Active Directory Users and Computers, Active Directory Sites and Services, Terminal Services Manager, DNS, DHCP, and so on. MMC snap-ins are the primary admin consoles built into Active Directory for management.

8
Q

What is an OU in Active Directory? What types of objects can be found in an OU?

A

An organizational unit is primarily a container in AD. It holds security objects such as user accounts, computers, security groups, and distribution groups.

9
Q
You have 2 DCs, one crashes, and the only backup you have is from 3 months ago. Why is it a bad idea to restore from the backup, and what would you do?
A

It can cause USN Rollback and massive data loss in AD.

A new DC should replace the old DC.

Bonus points if they mention running a metadata cleanup, DCPROMO to demote the old DC, and DCPROMO the new replacement DC.

What are Tombstone records?

10
Q
A team of Jr. system admins needs full control of an OU to modify and create objects, and only in that OU. How would you give them admin rights in that OU only?
A

Open Active Directory Users and Computers, right-click the specific OU, use the Delegate Control wizard, and grant admin rights to the group of Jr. admins.

11
Q

How do you ensure that a particular computer gets the same IP every time it connects to the network?

A

Add a MAC address reservation to the VLAN scope that the workstation is in.

12
Q

What is a DHCP scope? What are some of the options you can set in DHCP?

A

Settings: WINS, DNS, NTP, NetBIOS, BOOTP, Gateway, Subnet Mask, TFTP

13
Q

Name four common DNS record types and what they do.

A
A = IP address of the host.
CNAME = Alias for subdomains to an A record.
MX = Mail Exchange.
PTR = Pointer record to a canonical name in the in-addr.arpa zone.
NS = Name Server.
SRV = Service locator.
SOA = Start of authority.
AAAA = IPv6 address record.
14
Q

If all users are unable to access a particular website from your domain, but the website is accessible from everywhere else, and you have tracked the issue down to DNS, what are some troubleshooting steps you should take?

A

14-16. Check to see if you can get to the site or resolve the site from the DNS server.
14-16. Check cached information on the DNS server to see what records are available for the website.
14-16. Clear out the DNS cache if needed.
14-16. Do an nslookup on the website and see if you get results. Do an nslookup from another public DNS server and compare the results. You need to set up a forwarder to the website if you can’t route to it for some reason.
15
Q

Your domain has a member print server that has 50 printers configured on it. Suddenly users are reporting that no one is able to print. The server is running okay. What troubleshooting steps would you take?

A

14-16. Check to see if you can get to the site or resolve the site from the DNS server.
14-16. Check cached information on the DNS server to see what records are available for the website.
14-16. Clear out the DNS cache if needed.
14-16. Do an nslookup on the website and see if you get results. Do an nslookup from another public DNS server and compare the results. You need to set up a forwarder to the website if you can’t route to it for some reason.
16
Q

What are some Windows services that can be clustered? What are the advantages of clustering services?

A

14-16. Check to see if you can get to the site or resolve the site from the DNS server.
14-16. Check cached information on the DNS server to see what records are available for the website.
14-16. Clear out the DNS cache if needed.
14-16. Do an nslookup on the website and see if you get results. Do an nslookup from another public DNS server and compare the results. You need to set up a forwarder to the website if you can’t route to it for some reason.
17
Q

What MMC would you install to manage group policy configuration?

A

Group Policy management console.

18
Q

In what order are group policies applied?

A

Local, Site, Domain, OU

19
Q

What commands can you use to check what group policy is being applied to a user and computer on a server or desktop? What command do you use to update group policy?

A

Gpresult.exe and Rsop.msc

Gpupdate to update group policy.

Bonus if they know what “gpupdate /force /sync” does.

The /force switch clears out all group policy, and /sync will delete all GPOs on the workstation, reboot the workstation, and apply a fresh copy of all policies.

20
Q

How would you prevent an OU from receiving any group policies that are applied at the domain level?

A

Block inheritance on the OU

21
Q

What is SCCM and what is it used for?

A

SCCM is the System Center Configuration Manager server, and it is used in conjunction with SCCM clients installed on workstations to install Windows updates, software patches, and workstation images over the network.

22
Q

What is the enterprise root certificate authority?

A

An enterprise root CA is the certificate server at the root of the hierarchy for a Windows domain. It is the most trusted CA in the enterprise and must have access to Active Directory service

23
Q

What is a CRL in relation to an enterprise certificate authority?

A

The CRL is the certificate revocation list. It is the container that holds all revoked certificates.

Applications that use certificates can check against the CRL to see which certificates are currently active or revoked.

24
Q

What is the Send As permission, and how would you grant a user Send As rights?

A

The Send As permission will grant a user Send As rights to another user’s Exchange mailbox so the email looks like it’s coming from the other user.
You can grant rights to the user’s email account from the ADUC console.

25
Q

What is the Exchange Management Console and what are some of its features?

A

The Exchange Management Console is the front-end administrative tool for Exchange, where you can manage Exchange servers, mail queues, hub transport, mailboxes and distribution lists.

26
Q

How do you set the mailbox storage limit on an individual mailbox? What are the different configurable limits you can set?

A

Issue warning (KB)

Prohibit send at (KB)

Prohibit send and receive at (KB)

27
Q

What is an IP address? How would you determine the IP address of a workstation on the network?

A

IP stands for Internet Protocol and is used by devices to communicate over the network…an IP of a workstation on the network is determined by the range of IPs that the company has set in place

28
Q

What is a subnet mask?

A

A subnet mask basically divides IP networks for security & routing

29
Q

What is a default gateway?

A

The Default Gateway is basically a router used to send information to a computer on another network

30
Q

What does the “Tracert” command do?

A

Tracert shows the path packets of information take when they leave your computer to reach whatever you’re trying to connect to.

31
Q

Are you familiar with DHCP? In your own words can you explain how DHCP works?

A

DHCP…. (Dynamic Host Configuration Protocol)…it assigns IPs to devices on the network

32
Q

Are you familiar with DNS? In your own words, can you explain what DNS is?

A

DNS….Domain Name System….links host names to specific IP addresses…for example…the IP address for Google.com is 8.8.8.8

33
Q

A user calls and states that they are unable to access www.yahoo.com from their workstation. What are some troubleshooting steps you can take to determine the cause of the problem?

A

First, I would check the IP address of the computer in Windows PowerShell to make sure it is connected to the network.
I would also clear the browsing history & cache on the computer, and would also try to access the website from another computer to make sure the site is not down.

34
Q

How would you configure an XP workstation to use a static IP address?

A

Windows XP configuring Static IP: Start Menu -> select Control Panel -> click Network Connections -> click Local Area Connection -> click Properties -> click Internet Protocol -> click Properties again -> then input the desired IP Address, Subnet Mask, Default Gateway, & DNS Servers

35
Q

A desktop user calls and they are unable to access any network resources. You type ipconfig /all and see that the workstation IP is set to 169.254.xxx.xxx. The network cable is connected and both lights flash. What would this indicate?

A

A 169 IP basically means the device could not reach the DHCP server to get an IP assignment so the device is NOT connecting to the network

36
Q

What protocol is associated with port 80?

A

Port 80 is associated with HTTP…which is Non-secure communication….
If they ask for elaboration (HYPERTEXT TRANSFER PROTOCOL presents info to the user but is not concerned with how the info got from point A to point B)

37
Q

What protocol is associated with port 443?

A

Port 443 is associated with HTTPS….which is Secure communication…..
if they ask for elaboration (SECURE HYPERTEXT TRANSFER PROTOCOL…is concerned with HOW the info was transferred from the user to the receiver)

38
Q

What is a MAC Address?

A

MAC Address (Media Access Control) is the Physical Hardware Identification Number of a computer.... If they ask for elaboration....it is tied into the computer's NIC (Network Interface Card)...ALL network devices have a MAC Address...computers, laptops, iPads

13) A user would like access to a shared network drive on the network. The user already has permissions to access the drive. How can the user access the shared folder from his/her workstation?

The user's computer would have to be mapped to the shared drive....Steps: Start Menu -> Click Computer -> Click Tools -> Click Map Network Drive -> Search for the desired shared drive or folder

39
Q

How do you access the computer management console?

A

Start Menu -> Run -> type MMC -> Click file to Add/Remove Snap-ins for Users Accounts, Computers, DHCP, etc…

40
Q

A user is trying to access a folder on a network shared drive, and is able to read the files in the drive but is unable to save any changes made to the files. What level of rights does the user need on the folder to save file changes?

A

The user needs “Modify Rights” in order to save changes made to files in the folder.

41
Q

A user is complaining that his mailbox keeps going over the size limit. He receives a lot of emails and can’t delete any of them because he needs them. He asks for a suggestion on how to deal with this issue, what would you recommend?

A

I would recommend the user to create a PST file for his mailbox to be able to store more emails

42
Q

A user is trying to access a folder on the network but is receiving an error that states “access denied”. What would cause this issue?

A

The user has not been granted “Read Rights” to be able to access that folder

43
Q

A user is attempting to map a new printer to his desktop but is unable to. Other users in the department are able to access the printer just fine. What can you do to resolve this issue?

A

I would first restart the user’s computer and then attempt to manually map the user to the printer by using the printer’s IP address

44
Q

When you open the event viewer what logs do you see?

A

Windows Logs; which includes Application Logs, Security, Setup, System events & Forwarded events. (if they want an Example….the Event logs record events on a computer like when a user logs on to the computer or a program encounters an error)

45
Q

A user is complaining that the XP workstation they are currently using is really slow. The user was able to do everything just fine up until a few weeks ago, when everything started to slow down over time. What are some troubleshooting steps you would take to investigate the problem?

A

I would check to see if the machine is overloaded with unneeded files or software/downloads that the user no longer needs; then I will check to see if the machine requires any new software updates or patches

46
Q

A user calls you at the helpdesk and complains that her workstation is crashing and restarting a few times a day. You check the event logs and see an error you have never seen before. What would you do?

A

I would consult a few colleagues to see if they have any advice on this particular error. If not, I will proceed to Google to do a little research on the error message.

47
Q

A user calls the helpdesk and she would like to drop off her laptop to get re-imaged. She does not want to lose any of her data or her profile. What would you recommend the user does before dropping off her laptop?

A

I would recommend the user to backup her profile to save all of her data before dropping off the laptop

48
Q

How do you configure Microsoft Outlook to connect to a local Exchange server on the domain?

A

Click on the Start Menu -> Click Control Panel -> Click Mail -> Click Email Accounts -> Click New -> Click Email ->
The account can be done through Auto Account Setup or Manual Setup…if you want to do it Manually then Click Manual Setup -> Microsoft Exchange Server ->
Type in Server Name & Your Profile Username ->

49
Q

What command can you use to view group policies applied on a user’s desktop?

A

They can be viewed through the Command Line by clicking the Start Menu & typing the command: gpresult /Scope User /v

50
Q

How can you update group policy on a user’s workstation?

A

Click the Start Menu -> Open Windows PowerShell -> type “gpupdate”

51
Q

How can you check the hardware specs on a workstation from Windows XP, and check if attached hardware is configured and functioning right?

A

These things can be checked in the “Device Manager”

52
Q

Walk me through the process of creating a new user account in Active Directory.

A

Open Active Directory using an Elevated Rights Account -> Open the Console -> click the dropdown next to the swa domain -> click on the drop down next to the proper Country or Unit -> Click on the Unit’s OU (Organization) -> Right Click on Users -> Select “New User” to create the account

53
Q

How do you reset a user’s password in Active Directory?

A

Simplest way is to search for the user’s name -> Right Click -> Click Reset Password
(if they want the LONG way of doing this) Revert back to the steps in #1 up to the part of Right Click on Users -> Search For User’s Name -> Right Click & select Reset Password
(if they ask…the password must be at least 14 characters long…must have 2 Uppercase, 2 Lowercase, 2 Numbers, 2 Special Characters)

54
Q

A user is attempting to log in and receiving an error that states “Windows cannot connect to the domain either because the domain controller is down or otherwise unavailable”. What would this indicate?

A

This error indicates that the Computer is not authenticating with Active Directory…the computer may possibly have the Wrong Host Name on the machine itself or In Active Directory

55
Q

How do you add a new workstation, or remove and re-add a workstation to the domain?

A

Go to Start Menu -> Right Click Computer -> Click Properties -> click Change Settings -> Enter Elevated Rights Account Username & Password -> Under Computer Name click “Change” ->
To ADD the machine to the domain select “Member Of Domain” and enter the name of the domain……..OR to REMOVE it from the domain select “Workgroup” and type any words here then click OK & Apply

56
Q

You need to increase the mailbox quota size on a user’s Exchange mailbox. What tool would you use to accomplish this?

A

The DISA DEPO website is used to increase the size of a user’s mailbox

57
Q

How do you create and add users to an Exchange distribution group?

A

An Exchange Distribution Group is created through the DISA DEPO website by single entry template uploads or manually by inputting the information into the system from the template…..Users can be added manually during this process OR can be added later by whomever is assigned as the OWNER of the Group

58
Q

How do you create and add users to a security group?

A

Search for the Security Group in Active Directory -> Click on “Members” -> click Add -> enter user’s name
OR Search for the user who wants to be added to the group -> click on “Members OF” -> Click Add -> enter the name of the Security Group they want to be added to

59
Q

You received a call from a user, and when he tries to log in, he receives an error that states “Your account has expired, please contact the system administrator”. How would you resolve this issue?

A

I would first figure out why the user’s account is expired, the most common issue is that the user’s Annual Cyber Awareness Training Certificate has expired (Which is the date the account exp dates are set to)…So If this is the case, I would inform the user that their annual training needs to be complete in order to extend the date

60
Q

How do you disable a user account?

A

(Short answer) Search for the user in Active Directory -> Right Click and Disable Account (Long answer) Revert back to the steps in #1 up to the part of Right Click on Users -> Then click Disable Account

61
Q

How do you disable a work station?

A

(Short answer) Search for the Computer Name in Active Directory -> Right Click & Disable Account (Long answer) Revert back to the steps in #1 up to the part of Right Click on Computer -> Then click Disable Computer
Find the workstation account in ADUC, right click and disable account

62
Q

Do you have any experience with PKI or Smart cards?

A

Yes….(if they ask you to elaborate)….CAC Card & PKI Token Cards in order to log into NIPR & SIPR Computers

63
Q

Do you have any experience with Adobe Acrobat or PDF?

A

Yes

64
Q

Do you have any experience with Remedy?

A

Yes….(if they ask you to elaborate)….ITSM Remedy is the ticketing system for reporting IT-related issues to various depts

65
Q

A user calls the helpdesk and asks for a status update on a ticket. The ticket is still sitting in another department’s queue without any updates. How would you handle this situation, and what would you tell the customer?

A

Tell the customer you will contact the department as soon as possible to get an update and to see if that dept is still working on resolving that issue.