CCNA

1) What is an IP address?
An Internet Protocol (IP) address is a numerical label that is assigned to devices participating in a computer
network utilizing the Internet an IP address is a 32-bit number that identifies each sender or receiver of
information that is sent in packets across the lan/Internet. An IP address has two parts: the identifier of a
particular network on the Internet and an identifier of the particular device (which can be a server or a
workstation) within that network. On the Internet itself that is, between the routers that move packets from
one point to another along the route only the network part of the address is looked at.
2) What is a subnet mask?
A subnet mask allows you to identify which part of an IP address are reserved for the network, and which part
is available for host use. If you look at the IP address alone, especially now with classless inter-domain routing,
you cannot tell which part of the address is which. Adding the subnet mask, or netmask, gives you all the
information you need to calculate network and host portions of the address with ease. In summary, knowing
the subnet mask can allow you to easily calculate whether IP addresses are on. Subnetting enables the network
administrator to further divide the host part of the address into two or more subnets.
3) What is ARP?
Short for Address Resolution Protocol, a network layer protocol used to convert an IP address into a physical
address (called a DLC address), such as an Ethernet address. A host wishing to obtain a physical
address broadcasts an ARP request onto the TCP/IP network. The host on the network that has the IP address
in the request then replies with its physical hardware address. ARP is a very important part of IP networking.
ARP is used to connect OSI Layer 3 (Network) to OSI Layer 2 (Data- Link). For most of us, that means that ARP
is used to link our IP addressing to our Ethernet addressing (MAC Addressing). For you to communicate with
any device on your network, you must have the Ethernet MAC address for that device. If the device is not on
your LAN, you go through your default gateway (your router). In this case, your router will be the destination
MAC address that your PC will communicate with.
4) What is ARP Cache Poisoning?
a method of attacking an Ethernet LAN by updating the target computers ARP cache with both a forged ARP
request and reply packets in an effort to change the Layer 2 Ethernet MAC address (i.e., the address of the
network card) to one that the attacker can monitor. Because the ARP replies have been forged, the target
computer sends frames that were meant for the original destination to the attackers computer first so the
frames can be read. A successful APR attempt is invisible to the user.
ARP cache poisoning, also known as ARP spoofing, is the process of falsifying the source Media Access Control
(MAC) addresses of packets being sent on an Ethernet network. It is a MAC layer attack that can only be carried
out when an attacker is connected to the same local network as the target machines, limiting its effectiveness
only to networks connected with switches, hubs, and bridges; not routers.
5) What is the ANDing process?
In order to determine whether a destination host is local or remote, a computer will perform a simple
mathematical computation referred to as an AND operation. While the sending host does this operation
internally, understanding what takes place is the key to understanding how an IP-based system knows whether
to send packets directly to a host or to a router. Notice that when the resulting AND values are converted back
to binary, it becomes clear that the two hosts are on different networks. Computer A is on subnet 192.168.56.0,
while the destination host is on subnet 192.168.64.0, which means that Computer A will next be sending the
data to a router. Without ANDing, determining local and remote hosts can be difficult. Once you are very
familiar with Subnetting and calculating ranges of addresses, recognizing local and remote hosts will become
much more intuitive. Whenever you are in doubt as to whether hosts are local or remote, use the ANDing
process. You should also notice that the ANDing process always produces the subnet ID of a given host.
6) What is a default gateway? What happens if I do not have one?
A default gateway is used by a host when an IP packets destination address belongs to some place outside the
local subnet. The default gateway address is usually an interface belonging to the LANs border router. In
computer networking, a default network gateway is the device that passes traffic from the local subnet to
devices on other subnets. The default gateway often connects a local network to the Internet, although internal
gateways for connecting two local networks also exist.

7) Can a workstation computer be configured to browse the Internet and yet NOT have a default
gateway?
If we are using public ip address, we can browse the internet. If it is having an intranet address, a gateway is
needed as a router or firewall to communicate with internet.
8) What is a subnet?
A portion of a network , which shares a network address in which each component is identified by a subnet
number. A subnet is a logical organization of network address ranges used to separate hosts and network
devices from each other to serve a design purpose. In many cases, subnets are created to serve as physical or
geographical separations similar to those found between rooms, floors, buildings, or cities.
9) What is APIPA?
Short for Automatic Private IP Addressing, a feature of later Windows operating systems. With APIPA, DHCP
clients can automatically self-configure an IP address and subnet mask when a DHCPserver is not available.
When a DHCP client boots up, it first looks for a DHCP server in order to obtain an IP address and subnet mask.
If the client is unable to find the information, it uses APIPA to automatically configure itself with an IP address
from a range that has been reserved especially for Microsoft. The IP address range is 169.254.0.1 through
169.254.255.254. The client also configures itself with a default class B subnet mask of 255.255.0.0. A client
uses the self- configured IP address until a DHCP server becomes available. The APIPA service also checks
regularly for the presence of a DHCP server (every five minutes, according to Microsoft). If it detects a DHCP
server on the network, APIPA stops, and the DHCP server replaces the APIPA networking addresses with
dynamically assigned addresses. APIPA is meant for non-routed small business environments, usually less than
25 clients.
10) What is an RFC? Name a few if possible (not necessarily the numbers, just the ideas behind them)
Short for Request for Comments, a series of notes about the Internet, started in 1969 (when the Internet was
the ARPANET). An Internet Document can be submitted to the IETF by anyone, but the IETF decides if the
document becomes an RFC. Eventually, if it gains enough interest, it may evolve into an Internet standard. Each
RFC is designated by an RFC number. Once published, an RFC never changes. Modifications to an original RFC
are assigned a new RFC number.
11) What is RFC 1918?
RFC 1918 is Address Allocation for Private Internets The Internet Assigned Numbers Authority (IANA) has
reserved the following three blocks of the IP address space for private internets: 10.0.0.0 10.255.255.255
(10/8 prefix) 172.16.0.0 172.31.255.255 (172.16/12 prefix) 192.168.0.0 192.168.255.255 (192.168/16
prefix) We will refer to the first block as 24-bit block, the second as 20-bit block, and to the third as 16-bit
block. Note that (in pre-CIDR notation) the first block is nothing but a single class A network number, while the
second block is a set of 16 contiguous class B network numbers, and third block is a set of 256 contiguous class
C network numbers.
12) What is CIDR?
CIDR (Classless Inter-Domain Routing, sometimes known as super netting) is a way to allocate and specify the
Internet addresses used in inter-domain routing more flexibly than with the original system of Internet
Protocol (IP) address classes. As a result, the number of available Internet addresses has been greatly
increased.
13) You have the following Network ID: 192.115.103.64/27. What is the IP range for your network?
It ranges from 192.115.103.64 192.115.103.96 But the usable address are from 192.115.103.64
192.115.103.94 192.115.103.95 it is the broadcast address 192.115.103.96 will be the ip address of next
range we can use 30 hosts in this network
14. You have the following Network ID: 131.112.0.0. You need at least 500 hosts per network. How
many networks can you create? What subnet mask will you use?
If you need 500 users then 2^9th would give you 512 (remember the first and last are network and broadcast),
510 usable. Therefore, of your 32 bits you would turn the last 9 off for host and that would give you give you a
255.255.254.0 subnet mask (11111111.11111111.11111110.00000000). Now that we know that, we can see
that you have the first 7 of your third octet turned on so to figure out how many subnets you have us the
formula. 2^7th= 128. Therefore, you can have 128 subnets with 500 people on them.

15. You need to view at network traffic. What will you use? Name a few tools.
Winshark or tcp dump, or ethereal (available in our file server)
16. How do I know the path that a packet takes to the destination?
Use tracert command-line
17. What does the ping 192.168.0.1 -l 1000 -n 100 command do?
The ping command will send roundtrip packets to a destination (other PC, router, printer, etc.) and see how
long it takes. The 192.168.0.1 is the destination (which, by the way is a typical default IP address of a router.)
The -l 1000 is how big the packet should be in bytes. The default is 32, if the -l parameter is not used. In
addition, the -n 100 is saying to send it 100 times. The default is 4, when this parameter is not used.
18. What is DHCP? What are the benefits and drawbacks of using it?
Benefits:
1.
DHCP minimizes configuration errors caused by manual IP address configuration.
2.
Reduced network administration.
Disadvantage:
Your machine name does not change when you get a new IP address. The DNS (Domain Name System) name is
associated with your IP address and therefore does change. This only presents a problem if other clients try to
access your machine by its DNS name.
19. Describe the steps taken by the client and DHCP server in order to obtain an IP address.
* At least one DHCP server must exist on a network. Once the DHCP server software is installed, you create a
DHCP scope, which is a pool of IP addresses that the server manages. When clients log on, they request an IP
address from the server, and the server provides an IP address from its pool of available addresses.
* DHCP was originally defined in RFC 1531 (Dynamic Host Configuration Protocol, October 1993) but the most
recent update is RFC 2131 (Dynamic Host Configuration Protocol, March 1997). The IETF Dynamic Host
Configuration (dhc) Working Group is chartered to produce a protocol for automated allocation, configuration,
and management of IP addresses and TCP/IP protocol stack parameters.
20. What is the DHCPNACK and when do I get one? Name 2 scenarios.
Recently I saw many queries regarding when the Microsoft DHCP server issues a NAK to DHCP clients.
For simplification purposes, I am listing down the possible scenarios in which the server should NOT issue a
NAK. This should give you a good understanding of DHCP NAK behavior. When a DHCP server receives a DHCP
Request with a previously assigned address specified, it first checks to see if it came from the local segment by
checking the GIADDR field. If it originated from the local segment, the DHCP server compares the requested
address to the IP address and subnet mask belonging to the local interface that received the request. DHCP
server will issue a NAK to the client ONLY IF it is sure that the client, on the local subnet, is asking for an
address that does not exist on that subnet. The server will send a NAK EXCEPT in the following scenarios:1. Requested address from possibly the same subnet but not in the address pool of the server:This can be the failover scenario in which 2 DHCP servers are serving the same subnet so that when one goes
down, the other should not NAK to clients, which got an IP from the first server.
2. Requested address on a different subnet:If the Address is from the same super scope to which the subnet belongs, DHCP server wills ACK the REQUEST.
21. What ports are used by DHCP and the DHCP clients?
Requests are on UDP port 68, Server replies on UDP 67
22. Describe the process of installing a DHCP server in an AD infrastructure.
Use Add/Remove program wizard.
23. What is DHCPINFORM?
DHCP Inform is a DHCP message used by DHCP clients to obtain DHCP options. While PPP remote access clients
do not use DHCP to obtain IP addresses for the remote access connection, Windows 2000 and Windows 98
remote access clients use the DHCP Inform message to obtain DNS server IP addresses, WINS server IP
addresses, and a DNS domain name. The DHCP Inform message is sent after the IPCP negotiation is concluded.

The DHCP Inform message received by the remote access server is then forwarded to a DHCP server. The
remote access server forwards DHCP Inform messages only if it has been configured with the DHCP Relay
Agent.
24. Describe the integration between DHCP and DNS.
Traditionally, DNS and DHCP servers have been configured and managed one at a time. Similarly, changing
authorization rights for a particular user on a group of devices has meant visiting each one and making
configuration changes. DHCP integration with DNS allows the aggregation of these tasks across devices,
enabling a companys network services to scale in step with the growth of network users, devices, and policies,
while reducing administrative operations and costs.
This integration provides practical operational efficiencies that lower total cost of ownership. Creating a DHCP
network automatically creates an associated DNS zone, for example, reducing the number of tasks required of
network administrators. In addition, integration of DNS and DHCP in the same database instance provides
unmatched consistency between service and management views of IP address-centric network services data.
25. What options in DHCP do you regularly use for an MS network?
Automatic providing IP address, Subnet mask, DNS server, Domain name, Default getaway or router.
26. What are User Classes and Vendor Classes in DHCP?
Microsoft Vendor Classes The following list contains pre-defined vendor classes that are available in Windows
2000 DHCP server. Class Data Class Name Description MSFT 5.0 Microsoft Windows 2000 options Class that
includes all Windows 2000 DHCP clients. MSFT 98 Microsoft Windows 98 options Class that includes all
Windows 98 and Microsoft Windows Millennium Edition (Me) DHCP clients. MSFT Microsoft options Class that
includes all Windows 98, Windows Me, and Windows 2000 DHCP clients. If you have non-Microsoft DHCP
clients, you can define other vendor-specific classes on the DHCP server. When you define such classes, make
sure the vendor class identifier that you define matches the identifier used by the clients.
User Classes
The following list contains pre-defined user classes that are available in Windows 2000 DHCP server. Collapse
this table Expand this table Class ID Class Type Description Unspecified Default user class All DHCP clients that
have no user class specified. RRAS. Microsoft Default Routing and Remote Access class All Dial-Up Networking
(DUN) clients. Bootp Default Bootp class All Bootp clients. In addition to these pre-defined classes, you can also
add custom user classes for Windows 2000 DHCP clients. When you configure such classes, you must specify a
custom identifier that corresponds to the user class defined on the DHCP server.
27. How do I configure a client machine to use a specific User Class?
The command to configure a client machine to use a specific user class is ipconfig /setclassid <Name of your
Network card> <Name of the class you created on DHCP and you want to join (Name is case sensitive)>
E.g.: ipconfig /setclassid Local Area Network Accounting
28. What is the BOOTP protocol used for, where might you find it in Windows network infrastructure?
Bootp (RFC951) provides
* A unique IP address to the requester (using port 67) similar to the DHCP request on port 68 AND
* can provide (where supported) the ability to boot a system without a hard drive (i.e.: a diskless client)
Apple OS X 10.* Server supports Bootp (albeit) renamed as NetBoot. The facility allows the Admin to maintain a
selected set of configurations as boot images and then assign sets of client systems to share(or boot from) that
image. For example, Accounting, Management, and Engineering departments have elements in common, but
which can be unique from other departments. Performing upgrades and maintenance on three images is far
more productive that working on all client systems individually. Startup is obviously network intensive, and
beyond 40-50 clients, the Admin needs to carefully subnet the infrastructure, use gigabit switches, and host the
images local to the clients to avoid saturating the network. This will expand the number of Bootp servers and
multiply the number of images, but the productivity of 1 Bootp server per 50 clients is undeniable Sun micro,
Linux, and AIX RS/600 all support Bootp. To date, Windows does not support booting diskless clients.
29. DNS zones describe the differences between the 4 types.
Dns zone is actual file, which contains all the records for a specific domain.
i) Forward Lookup Zones: - This zone is responsible to resolve host name to ip.
ii) Reverse Lookup Zones: - This zone is responsible to resolve ip to host name.

iii) Stub Zone: - Stubzone is read only copy of primary zone. However, it contains only 3 records via the SOA for
the primary zone, NS record and a Host (A) record.
30. DNS record types describe the most important ones. Type of Record what it does.
A (Host) Classic resource record. Maps hostname to IP(ipv4) PTR Maps IP to hostname (Reverse of A (Host)
AAAA Maps hostname to ip (ipv6) Cname Canonical name, in plain English an alias. such as Web Server,FTP
Server, Chat Server NS Identifies DNS name servers. Important for forwarders MX Mail servers, particularly for
other domains.MX records required to deliver internet email. _SRV required for Active Directory. Whole family
of underscore service, records, for example, gc = global catalog. SOA Make a point of finding the Start of
Authority (SOA) tab at the DNS Server.
31. Describe the process of working with an external domain name.
Serving Sites with External Domain Name Servers , If you host Web sites on this server and have a standalone
DNS server acting as a primary (master) name server for your sites, you may want to set up your control
panels DNS server to function as a secondary (slave) name server:
To make the control panels DNS server act as a secondary name server:
1. Go to Domains > domain name > DNS Settings (in the Web Site group).
2. Click Switch DNS Service Mode.
3. Specify the IP address of the primary (master) DNS server.
4. Click Add.
5. To make the control panels DNS server act as a primary for a zone:
1. Go to Domains > domain name > DNS Settings (in the Web Site group).
2. Click Switch DNS Service Mode. The original resource records for the zone will be restored.
If you host Web sites on this server and rely entirely on other machines to perform the Domain Name Service
for your sites (there are two external name servers a primary and a secondary), switch off the control panels
DNS service for each site served by external name servers. To switch off the control panels DNS service for a
site served by an external name server:
1. Go to Domains > domain name > DNS Settings (in the Web Site group).
2. Click Switch off the DNS Service in the Tools group.
Turning the DNS service off for the zone will refresh the screen, so that only a list of name servers remains.
Note: The listed name server records have no effect on the system. They are only presented on the screen as
clickable links to give you a chance to validate the configuration of the zone maintained on the external
authoritative name servers.
1. Repeat the steps from 1 to 3 to switch off the local domain name service for each site served by external
name servers.
2. If you wish to validate the configuration of a zone maintained on authoritative name servers:
1. Go to Domains > domain name > DNS Settings (in the Web Site group).
2. Add to the list the entries pointing to the appropriate name servers that are authoritative for the zone:
click Add, specify a name server, and click OK. Repeat this for each name server you would like to test.
The records will appear in the list.
1. Click the records that you have just created. Parallels Plesk Panel will retrieve the zone file from a
remote name server and check the resource records to make sure that domains resources are properly
resolved.
2. The results will be interpreted and displayed on the screen.
32. Describe the importance of DNS to AD.
When you install Active Directory on a server, you promote the server to the role of a domain controller for a
specified domain. When completing this process, you are prompted to specify a DNS domain name for the
Active Directory domain for which you are joining and promoting the server. If during this process, a
DNS server authoritative for the domain that you specified either cannot be located on the network or does not
support the DNS dynamic update protocol, you are prompted with the option to install a DNS server. This
option is provided because a DNS server is required to locate this server or other domain controllers for
members of an Active Directory domain.
33. Describe a few methods of finding an MX record for a remote domain on the Internet.
In order to find MX Records for SMTP domains you can use Command-line tools such as NSLOOKUP or DIG. You
can also use online web services that allow you to perform quick searches and display the information in a
convenient manner.

34. What does Disable Recursion in DNS mean?

In the Windows 2000/2003 DNS console (dnsmgmt.msc), under a servers Properties -> Forwarders tab is the
setting do not use recursion for this domain. On the Advanced tab you will find the confusingly similar option
Disable recursion (also disables forwarders). Recursion refers to the action of a DNS server querying additional
DNS servers (e.g. local ISP DNS or the root DNS servers) to resolve queries that it cannot resolve from its own
database
35. What could cause the Forwarders and Root Hints to be grayed out?
Win2K configured your DNS server as a private root server
36. What is a Single Label domain name and what sort of issues can it cause?
Single-label names consist of a single word like contoso.
Single-label DNS names cannot be registered by using an Internet registrar.
Client computers and domain controllers that joined to single-label domains require additional configuration
to dynamically register DNS records in single-label DNS zones. Client computers and domain controllers may
require additional configuration to resolve DNS queries in single-label DNS zones.
By default, Windows Server 2003-based domain members, Windows XP-based domain members, and
Windows 2000-based domain members do not perform dynamic updates to single-label DNS zones.
Some server-based applications are incompatible with single-label domain names. Application support may
not exist in the initial release of an application, or support may be dropped in a future release. For example,
Microsoft Exchange Server 2007 is not supported in environments in which single-label DNS is
used.
Some server-based applications are incompatible with the domain rename feature that is supported in
Windows Server 2003 domain controllers and in Windows Server 2008 domain controllers. These
incompatibilities either block or complicate the use of the domain rename feature when you try to rename a
single-label DNS name to a fully qualified domain name.
37. What is the in-addr.arpa zone used for?
When creating DNS records for your hosts, records make sense. After all, how can the world find your mail
server unless the IP address of that server is associated with its hostname within a DNS database? However,
PTR records are not as easily understood. If you already have a zone file, why
does there have to be a separate in-addr.arpa zone containing PTR records matching your A records? In
addition, who should be making those PTR recordsyou or your provider? Let us start by defining in-addr.arpa.
.arpa is actually a TLD like .com or .org. The name of the TLD comes from Address and Routing Parameter Area
and it has been designated by the IANA to be used exclusively for Internet infrastructure purposes. In other
words, it is an important zone and an integral part of the inner workings of DNS. The RFC for DNS (RFC 1035)
has an entire section on the in-addr.arpa domain. The first two paragraphs in that section state the purpose of
the domain: The Internet uses a special domain to support gateway location and Internet address to host
mapping. Other classes may employ a similar strategy in other domains.
The intent of this domain is to provide a guaranteed method to perform host address to host name mapping,
and to facilitate queries to locate all gateways on a particular network in the Internet. Note that both of these
services are similar to functions that could be performed by inverse queries; the difference is that this part of
the domain name space is structured according to address, and hence can guarantee that the appropriate data
can be located without an exhaustive search of the domain space. In other words, this zone provides a
database of all allocated networks and the DNS reachable hosts within those networks. If your assigned
network does not appear in this zone, it appears to be unallocated. In addition, if your hosts do not have a PTR
record in this database, they appear to be unreachable through DNS. Assuming an A record exists for a host, a
missing PTR record may or may not impact on the DNS reach ability of that host, depending upon the
applications running on that host. For example, a mail server will definitely be impacted as PTR records are
used in mail header checks and by most anti-SPAM mechanisms. Depending upon your web server
configuration, it may also depend upon an existing PTR record. This is why the DNS RFCs recommend that
every A record has an associated PTR record. However, who should make and host those PTR records?
Twenty years ago when you could buy a full Class C network address (i.e. 254 host addresses) the answer was
easy: you. Remember, the in-addr.arpa zone is concerned with delegated network addresses. In other words,
the owner of the network address is authoritative (i.e. responsible) for the host PTR records associated with
that network address space. If you only own one or two host addresses within a network address space, the
provider you purchased those addresses from needs to host your PTR records as the provider is the owner of

(i.e. authoritative for) the network address. Things are a bit more interesting if you have been delegated a CIDR
block of addresses. The in-addr.arpa zone assumes a classful addressing scheme where a Class A address is one
octet (or /8), a Class B is 2 octets (or /16) and a Class C is 3 octets (or /24). CIDR allows for delegating address
space outside of these boundariessay a /19 or a /28. RFC 2317 provides a best current practice for
maintaining in-addr.arpa with these types of network allocations.
Here is a summary regarding PTR records: Do not wait until users complain about DNS unreachabilitybe
proactive and ensure there is an associated PTR record for every A record. If your provider hosts your A
records, they should also host your PTR records. If you only have one or two assigned IP addresses, your
provider should host your PTR records as they are authoritative for the network those hosts belong to. If you
own an entire network address (e.g. a Class C address ending in 0), you are responsible for hosting your PTR
records. If you are configuring an internal DNS server within the private address ranges (e.g. 10.0.0.0 or
192.168.0.0), you are responsible for your own internal PTR records. Remember: the key to PTR hosting
knows who is authoritative for the network address for your domain. When in doubt, it probably is not you.
38. What are the requirements from DNS to support AD?
When you install Active Directory on a member server, the member server is promoted to a domain controller.
Active Directory uses DNS as the location mechanism for domain controllers, enabling computers on the
network to obtain IP addresses of domain controllers. During the installation of Active Directory, the service
(SRV) and address (A) resource records are dynamically registered in DNS, which are necessary for the
successful functionality of the domain controller locator (Locator) mechanism. To find domain controllers in a
domain or forest, a client queries DNS for the SRV and A DNS resource records of the domain controller, which
provide the client with the names and IP addresses of the domain controllers.
In this context, the SRV and A resource records are referred to as Locator DNS resource records. When adding a
domain controller to a forest, you are updating a DNS zone hosted on a DNS server with the Locator DNS
resource records and identifying the domain controller. For this reason, the DNS zone must allow dynamic
updates (RFC 2136) and the DNS server hosting that zone must support the SRV resource records (RFC 2782)
to advertise the Active Directory directory service. For more information about RFCs, see DNS RFCs. If the DNS
server hosting the authoritative DNS zone is not a server running Windows 2000 or Windows Server 2003,
contact your DNS administrator to determine if the DNS server supports the required standards. If the server
does not support the required standards, or the authoritative DNS zone cannot be configured to allow dynamic
updates, then modification is required to your existing DNS infrastructure.
39. How do you manually create SRV records in DNS?
This is on windows server go to run > dnsmgmt.msc.
Right click on the zone you want to add srv record to, choose other new record, and choose service location
(srv).
40. Name 3 benefits of using AD-integrated zones.
1. You can give easy name resolution to your clients.
2. By creating AD- integrated zone, you can also trace hacker and spammer by creating reverse zone.
3. AD integrated zoned all for incremental zone transfers which on transfer changes and not the entire
zone. This reduces zone transfer traffic.
4. AD Integrated zones support both secure and dmanic updates.
5. AD integrated zones are stored as part of the active directory and support domain-wide or forest-wide
replication through application partitions in AD.
41. What are the benefits of using Windows 2003 DNS when using AD-integrated zones?
Advantages:
DNS supports Dynamic registration of SRV records registered by an Active Directory server or a domain
controller during promotion. With the help of SRV records, client machines can find domain controllers in the
network.
1. DNS supports Secure Dynamic updates. Unauthorized access is denied.
2. Exchange server needs internal DNS or AD DNS to locate Global Catalog servers.
3. Active Directory Integrated Zone. If you have more than one domain controller (recommended) you need not
worry about zone replication. Active Directory replication will take care of DNS zone replication also.

4. If your network uses DHCP with Active Directory then no other DHCP will be able to service client requests
coming from different network. It is because DHCP
Server is authorized in AD and will be the only server to participate on network to provide IP Address
information to client machines.
5. Moreover, you can use NT4 DNS with Service Pack 4 or later. It supports both SRV record registration and
Dynamic Updates.
Using Microsoft DNS gives the following benefits:
i. If you implement networks that require secure updates.
ii. If you want to take benefit of Active Directory replication.
iii. If you want to integrate DHCP with DNS for Low-level clients
iv. To register their Host records in Zone database.
42. You installed a new AD domain and the new (and first) DC has not registered its SRV records in DNS.
Name a few possible causes.
The machine cannot be configured with DNS client her own The DNS service cannot be run.
43. What are the benefits and scenarios of using Stub zones?
One of the new features introduced in the Windows Server 2003-based implementation of DNS are stub zones.
Its main purpose is to provide name resolution in domains, for which a local DNS server is not authoritative.
The stub zone contains only a few records:
Start of Authority (SOA) record pointing to a remote DNS server that is considered to be the best source of
information about the target DNS domain, one or more Name Server (NS) records (including the entry
associated with the SOA record), which are authoritative for the DNS domain represented by the stub zone,
corresponding A records for each of the NS entries (providing IP addresses of the servers). While you can also
provide name resolution for a remote domain by creating a secondary zone (which was a common approach in
Windows Server 2000 DNS implementation) or delegation (when dealing with a contiguous namespace), such
approach forces periodic zone transfers, which are not needed when stub zones are used. Necessity to traverse
network in order to obtain individual records hosted on the remote Name Servers is mitigated to some extent
by caching process, which keeps them on the local server for the duration of their Time-to-Live (TTL)
parameter. In addition, records residing in a stub zone are periodically validated and refreshed in order to
avoid lame delegations.
44. What are the benefits and scenarios of using Conditional Forwarding?
Rather than having a DNS server forward all queries it cannot resolve to forwarders, the DNS server can
forward queries for different domain names to different DNS servers according to the specific domain names
that are contained in the queries. Forwarding according to these domain-name conditions improves
conventional forwarding by adding a second condition to the forwarding process. A conditional forwarder
setting consists of a domain name and the IP address of one or more DNS servers. To configure a DNS server for
conditional forwarding, a list of domain names is set up on the Windows Server2003-based DNS server along
with the DNS server IP address. When a DNS client or server performs a query operation against a Windows
Server2003-based DNS server that is configured for forwarding, the DNS server looks to see if the query can be
resolved by using its own zone data or the zone data that is stored in its cache, and then, if the DNS server is
configured to forward for the domain name that is designated in the query (a match), the query is forwarded to
the IP address of a DNS Server that is associated with the domain name. If the DNS server has no domain name
listed for the name that is designated in the query, it attempts to resolve the query by using standard recursion.
45. What are the differences between Windows Clustering, Network Load Balancing and Round Robin,
and scenarios for each use?
I will make a few assumptions here:
1) By Windows Clustering Network Load Balancing you mean Windows Network Load Balancing software
included in Windows Server software a.k.a NLB., and
2) By Round Robin, you mean DNS Round Robin meaning the absence of software or hardware load balancing
device, or the concept of the Round Robin algorithm available in just about every load balancing solution.
Microsoft NLB is designed for a small number (4 6) of Windows Servers and a low to moderate number of
new connections per second, to provide distribution of web server requests to multiple servers in a virtual
resource pool. Some would call this a cluster, but there are little differences between a clustered group of
devices and a more loosely configured virtual pool. From the standpoint of scalability and performance, almost

all hardware load-balancing solutions are superior to this and other less known software load balancing
solutions [e.g. Bright Tiger circa 1998].
DNS Round Robin is an inherent load balancing method built into DNS. When you resolve an IP address that has
more than one A record, DNS hands out different resolutions to different requesting local DNS servers.
Although there are several factors effecting the exact resulting algorithm (e.g. DNS caching, TTL, multiple DNS
servers [authoritative or cached]), I stress the term roughly when I say it roughly results in an even
distribution of resolutions to each of the addresses specified for a particular URL. It does not however, consider
availability, performance, or any other metric and is completely static. The basic RR algorithm is available in
many software and hardware load-balancing solutions and simply hands the next request to the next resource
and starts back at the first resource when it hits the last one.
NLB is based on proprietary software, meant for small groups of Windows servers only on private networks,
and is dynamic in nature (takes into account availability of a server, and in some cases performance). Round
Robin, DNS or otherwise, is more generic, static in nature (does not take into account anything but the
resource is a member of the resource pool and each member is equal), and ranges from DNS to the default static
load balancing method on every hardware device in the market.
46. How do I work with the Host name cache on a client computer?
Use the command nbtstat. -a (adapter status) Lists the remote machine's name
table given its name -A (Adapter status) Lists the remote machine's name table
Given its IP address. -c (cache) Lists NBT's cache of remote [machine] names
In addition, their IP addresses -n (names) Lists local NetBIOS names. -r (resolved)
Lists names resolved by broadcast and via WINS -R (Reload) Purges and reloads
the remote cache name table -S (Sessions) Lists sessions table with the
destination IP addresses -s (sessions) Lists sessions table converting
Destination IP addresses to computer NETBIOS names. -RR (Release Refresh) Sends
Name Release packets to WINS and then, starts Refresh
47. How do I clear the DNS cache on the DNS server?
To clear the server names cache
* Using the Windows interface
* Using a command line
* Using the Windows interface
1. Open DNS.
2. In the console tree, click the applicable DNS server. Where?
* DNS/applicable DNS server
3. On the Action menu, click Clear Cache.
Notes
* to perform this procedure, you must be a member of the Administrators group on the local computer, or you
must have been delegated the appropriate authority. If the computer is joined to a domain, members of the
Domain Admins group might be able to perform this procedure. As a security best practice, consider using Run
as to perform this procedure.
* To open DNS, click Start, click Control Panel, double-click Administrative Tools, and then double-click DNS.
Using a command line
1. Open Command Prompt.
2. Type the command and then press ENTER: Dnscmd ServerName /clearcache
48. What is the 224.0.1.24 address used for?
WINS server group address. Used to support auto discovery and dynamic configuration of replication for WINS
servers. For more information, see WINS replication overview WINS server group address. Used to support
auto discovery and dynamic configuration of replication for WINS servers.
49. What is WINS and when do we use it?
In the Windows Server family, the primary means for client computer to locate and communicate with other
computers on an Internet Protocol (IP) network is by using Domain Name System (DNS). However, clients that
use older versions of Windows, such as Windows NT 4.0, use network basic I/O system (NetBIOS) names for

network communication. Some applications that run on Windows Server 2003 may also use NetBIOS names for
network communication. Using NetBIOS names requires a method of resolving NetBIOS names to IP. Using a
WINS server is essential for any Windows client computer to work with other Windows computers over the
Internet. In addition, using a WINS server is essential for any Windows client computer at Indiana University
that intends to use Microsoft network resources. To use WINS services, you must insert into your TCP/IP
networking configuration the IP address of the WINS servers you wish to use.
50. Can you have a Microsoft-based network without any WINS server on it? What are the
considerations regarding not using WINS?
Yes, we can. WINS was designed to speed up information flow about the Windows workstations in a network. It
will work without it, and most networks do not utilize WINS servers anymore because it is based on an old
protocol (NetBUI) which is no longer in common use.
51. Describe the differences between WINS push and pull replications.
To replicate database entries between a pair of WINS servers, you must configure each WINS server as a pull
partner, a push partner, or both with the other WINS server.
* A push partner is a WINS server that sends a message to its pull partners, notifying them that it has new WINS
database entries. When a WINS servers pull partner responds to the message with a replication request, the
WINS server sends (pushes) copies of its new WINS database entries (also known as replicas) to the requesting
pull partner.
* A pull partner is a WINS server that pulls WINS database entries from its push partners by requesting any
new WINS database entries that the push partners have. The pull collaborates requests the new WINS database
entries that have a higher version number than the last entry the pull partner received during the most recent
replication.
52. What is the difference between tombstoning a WINS record and simply deleting it?
Simple deletion removes the records that are selected in the WINS console only from the local WINS server you
are currently managing. If the WINS records deleted in this way exist in WINS data replicated to other WINS
servers on your network, these additional records are not fully removed. In addition, records that are simply
deleted on only one server can reappear after replication between the WINS server where simple deletion was
used and any of its replication partners. Tombstoning marks the selected records as tombstoned, that is,
marked locally as extinct and immediately released from active use by the local WINS server. This method
allows the tombstoned records to remain present in the server database for purposes of subsequent replication
of these records to other servers. When the tombstoned records are replicated, the tombstone status is updated
and applied by other WINS servers that store replicated copies of these records. Each replicating WINS server
then updates and tombstones
53. Name the NetBIOS names you might expect from a Windows 2003 DC that is registered in WINS.
If a Microsoft Windows NT 3.5-based client computer does not receive a response from the primary Windows
Internet Name Service (WINS) server, it queries the secondary WINS server to resolve a NetBIOS name.
However, if a NetBIOS name is not found in the primary WINS server's database, a Windows NT 3.5-based
client does not query the secondary WINS server.
In Microsoft Windows NT 3.51 and later versions of the Windows operating system, a Windows-based client
does query the secondary WINS server if a NetBIOS name is not found in the primary WINS server's database.
Clients that are running the following versions In Windows NT 3.51, Windows NT 4, Windows 95, Windows 98,
Windows 2000, Windows Millennium Edition, Windows XP, and Windows Server 2003, you can specify up to
12 WINS servers. Additional WINS servers are useful when a requested name is not found in the primary WINS
server's database or in the secondary WINS server's database. In this situation, the WINS client sends a request
to the next server in the list. You can find a list of additional server names in the following registry subkey,
where adapter_guid represents the GUID of your adapter:
HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\NetBT\Parameters\Interfaces
\Tcpip_>adapter_guid>
Note: Make sure that the NameServerList registry entry in this subkey has a multistring type REG_MULTI_SZ).
54. Describe the role of the routing table on a host and on a router.
During the process of routing, decisions of hosts and routers are aided by a database of routes known as the
routing table. The routing table is not exclusive to a router. Depending on the routable protocol, hosts may also

have a routing table that may be used to decide the best router for the packet to be forwarded. Host-based
routing tables are optional for the Internet Protocol, as well as obsolete routable protocols such as IPX.
55. What are routing protocols? Why do we need them? Name a few.
A routing protocol is a protocol that specifies how routers communicate with each other, disseminating
information that enables them to select routes between any two nodes on a computer network, the choice of
the route being done by routing algorithms. Each router has a prior knowledge only of networks attached to it
directly. A routing protocol shares this information first among immediate neighbors, and then throughout the
network. This way, routers gain knowledge of the topology of the network. For a discussion of the concepts
behind routing protocols, see: Routing. The term routing protocol may refer specifically to one operating at
layer three of the OSI model, which similarly disseminates topology information between routers.
Many routing protocols used in the public Internet are defined in documents called RFCs =. Although there are
many types of routing protocols, two major classes are in widespread use in the Internet: link-state routing
protocols, such as OSPF and IS-IS; and path vector or distance vector protocols, such as BGP, RIP and EIGRP.
56. What are router interfaces? What types can they be?
Routers can have many different types of connectors; from Ethernet, Fast Ethernet, and Token Ring to Serial
and ISDN ports. Some of the available configurable items are logical addresses (IP, IPX), media types,
bandwidth, and administrative commands. Interfaces are configured in interface mode, which you get to from
global configuration mode after logging in. The media type is Ethernet, Fast Ethernet, Gigabit Ethernet, Serial,
Token-ring, or other media types. You must keep in mind that a 10Mb Ethernet interface is the only kind of
Ethernet interface called Ethernet. A 100Mb Ethernet interface is called a Fast Ethernet interface and a 1000Mb
Ethernet interface is called a Gigabit Ethernet interface.
57. What is NAT?
Windows Server 2003 provides network address translation (NAT) functionality as a part of the Routing and
Remote Access service. NAT enables computers on small- to medium-sized organizations with private networks
to access resources on the Internet or other public network. The computers on a private network are
configured with reusable private Internet Protocol version 4 (IPv4) addresses; the computers on a public
network are configured with globally unique IPv4 (or, rarely at present, Internet Protocol version 6 [IPv6])
addresses. A typical deployment is a small office or home office (SOHO), or a medium-sized business that uses
Routing and Remote Access NAT technology to enable computers on the internal corporate network to connect
to resources on the Internet without having to deploy a proxy server.
58. What is the real difference between NAT and PAT?
Take NAT (Network Address Translation) and PAT (Port Address Translation). NAT allows you to translate or
map one IP address onto another single ip address. PAT on the other hand is what is most commonly referred
to as NAT. In a PAT system, you have a single or group of public IP addresses that are translated to multiple
internal ip addresses by mapping the TCP/UDP ports to different ports. This means that by using some magic
on a router or server you can get around problems that you might have with two w eb browsers sending a
request out the same port.
59. How do you configure NAT on Windows 2003?
To activate Routing and Remote Access, follow these steps:
1. Click Start, point to All Programs, point to Administrative Tools, and then click Routing and Remote Access.
2. Right-click your server, and then click Configure and Enable Routing and Remote Access.
3. In the Routing and Remote Access Setup Wizard, click next, click Network address translation (NAT), and
then click next.
4. Click Use this public interface to connect to the Internet, and then click the network adapter that is
Connected to the Internet. At this stage, you have the option to reduce the risk of unauthorized access to your
network. To do so, click to select the Enable security on the selected interface by setting up Basic Firewall check
box.
5. Examine the selected options in the Summary box, and then click Finish.
Configure dynamic IP address assignment for private network clients. You can configure your Network Address
Translation computer to act as a Dynamic Host Configuration Protocol (DHCP) server for computers on your
internal network. To do so, follow these steps:
1. Click Start, point to All Programs, point to Administrative Tools, and then click Routing and Remote Access.

2. Expand your server node, and then expand IP Routing.

3. Right-click NAT/Basic Firewall, and then click Properties.
4. In the NAT/Basic Firewall Properties dialog box, click the Address Assignment tab.
5. Click to select the automatically assign IP addresses by using the DHCP allocator check box. Notice that
default private network 192.168.0.0 with the subnet mask of 255.255.0.0 is automatically added in the IP
address and the Mask boxes. You can keep the default values, or you can modify these values to suit your
network.
6. If you are internal network requires static IP assignment for some computers such as for domain
controllers or for DNS servers exclude those IP addresses from the DHCP pool.
To do this, follow these steps:
1. Click Exclude.
2. In the Exclude Reserved Addresses dialog box, click Add, type the IP address, and then click OK.
3. Repeat step b for all addresses that you want to exclude. Click OK.
Configure name resolution
To configure name resolution, follow these steps:
1. Click Start, point to All Programs, point to Administrative Tools, and then click Routing and Remote Access.
2. Right-click NAT/Basic Firewall, and then click Properties.
3. In the NAT/Basic Firewall Properties dialog box, click the Name Resolution tab.
4. Click to select the Clients using Domain Name System (DNS) check box. If you use a demand-dial interface to
connect to an external DNS server, click to select the Connect to the public network when a name needs to be
resolved check box, and then click the appropriate dial-up interface in the list.
60. How do you allow inbound traffic for specific hosts on Windows 2003 NAT?
You can use the Windows Server 2003 implementation of IPSec to compensate for the limited protections
provided by applications for network traffic, or as a network-layer foundation of a defense-in-depth strategy.
Do not use IPSec as a replacement for other user and application security controls, because it cannot protect
against attacks from within established and trusted communication paths. Your authentication strategy must
be well defined and implemented for the potential security provided by IPSec to be realized, because
authentication verifies the identity and trust of the computer at the other end of the connection.
61. What is VPN? What types of VPN does Windows 2000 and beyond work with natively?
VPN gives extremely secure connections between private networks linked through the Internet. It allows
remote computers to act as though they were on the same secure, local network. L2TP (layer 2 tunneling
protocol) vpn server is also known as L2TP server in native mode & in PPTP in mixed mode
62. What is IAS? In what scenarios do we use it?
IAS is called as Internet Authentication Service. It is used by for configuring centralized authentication using
RADIUS server.
63. What is the difference between mixed mode and Native mode in AD when dealing with RRAS?
When you are in mixed mode certain options in the dial-in tab of the user properties are disabled. In addition,
some of the RRAS policies are disabled. So if you want high-level security with the entire advanced feature then
change the AD to Native mode.
64. What is the RAS and IAS group in AD?
Used for managing security and allowing administration for the respective roles of the server.
65. What are Conditions and Profile in RRAS Policies?
The conditions and profiles are used to set some restrictions based on the media type, connection method,
group membership and lot more. Therefore, if used matches those conditions mentioned in the profile then he
can allowed / denied access to RAS / VPN server.
66. What types or authentication can a Windows 2003 based RRAS work with?
It supports authentication methods like MSCHAPv2, MSCHAP, SPAP, EAP, Digest authentication. (You can check
it by going to properties of your server in RRAS)

67. How does SSL work?

Internet communication typically runs through multiple program layers on a server before getting to the
requested data such as a web page or cgi scripts. The outer layer is the first to be hit by the request. This is the
high-level protocols such as HTTP (web server), IMAP (mail server), and FTP (file transfer).
Determining which outer layer protocol will handle the request depends on the type of request made by the
client. This high-level protocol then processes the request through the Secure Sockets Layer. If the request is
for a non-secure connection, it passes through to the TCP/IP layer and the server application or data.
If the client requested a secure connection, the ssl layer initiates a handshake to begin the secure
communication process. Depending on the SSL setup on the server, it may require that a secure connection be
made before allowing communication to pass through to the TCP/IP layer in which case a non-secure request
will send back an error asking them to retry securely (or simply deny the non-secure connection).
68. How does IPSec work?
IPSec is an Internet Engineering Task Force (IETF) standard suite of protocols that provides data
authentication, integrity, and confidentiality as data is transferred between communication points across IP
networks. IPSec provides data security at the IP packet level. A packet is a data bundle that is organized for
transmission across a network, and it includes a header and payload (the data in the packet). IPSec emerged as
a viable network security standard because enterprises wanted to ensure that data could be securely
transmitted over the Internet. IPSec protects against possible security exposures by protecting data while in
transit.
69. How do I deploy IPSec for a large number of computers?
Just use this program Server and Domain Isolation Using IPSec and Group Policy.
70. What types of authentication can IPSec use?
Deploying L2TP/IPSec-based Remote Access
Deploying L2TP-based remote access VPN connections using Windows Server 2003 consists of the following:
* Deploy certificate infrastructure
* Deploy Internet infrastructure
* Deploy AAA infrastructure
* Deploy VPN servers
* Deploy intranet infrastructure
* Deploy VPN clients
* Implanter certificado infra-estrutura
* Implantar infra-estrutura Internet
* Implantar infra-estrutura AAA
* Implementar VPN servidores
* Implantar intranet infra-estrutura
* Implementar clientes VPN
71. What is PFS (Perfect Forward Secrecy) in IPSec?
In an authenticated key-agreement protocol, that uses public key cryptography, perfect forward secrecy (or
PFS) is the property that ensures that a session key derived from a set of long-term public and private keys will
not be compromised if one of the (long-term) private keys is compromised in the future. Forward secrecy has
been used as a synonym for perfect forward secrecy [1], since the term perfect has been controversial in this
context. However, at least one reference [2] distinguishes perfect forward secrecy from forward secrecy with
the additional property that an agreed key will not be compromised even if agreed keys derived from the same
long-term keying material in a subsequent run are compromised.
72. How do I monitor IPSec?
To test the IPSec policies, use IPSec Monitor. IPSec Monitor (Ipsecmon.exe) provides information about which
IPSec policy is active and whether a secure channel between computers is established.
73. Looking at IPSec-encrypted traffic with a sniffer. What packet types do I see?
You can see the packages to pass, but you cannot see its contents IPSec Packet Types:
IPSec packet types include the authentication header (AH) for data integrity and the encapsulating security
payload (ESP) for data confidentiality and integrity.

The authentication header (AH) protocol creates an envelope that provides integrity, data origin identification
and protection against replay attacks. It authenticates every packet as a defense against session-stealing
attacks. Although the IP header itself is outside the AH header, AH also provides limited verification of it by not
allowing changes to the IP header after packet creation (note that this usually precludes the use of AH in NAT
environments, which modify packet headers at the point of NAT). AH packets use IP protocol 51. The
encapsulating security payload (ESP) protocol provides the features of AH (except for IP header
authentication), plus encryption. It can also be used in a null encryption mode that provides the AH protection
against replay attacks and other such attacks, without encryption or IP header authentication. This can allow
for achieving some of the benefits of IPSec in a NAT environment that would not ordinarily work well with
IPSec. ESP packets use IP protocol 50.
74. What can you do with NETSH?
Netsh is a command-line scripting utility that allows you to, either locally or remotely, display, modify or script
the network configuration of a computer that is currently running.
75. How do I look at the open ports on my machine?
Windows: Open a command prompt (Start button -> Run-> type cmd), and type: netstat a
Linux: Open an SSH session and type: netstat an
76. What is unicast and how does it work?
Unicast is a one-to-one transmission method. A single frame is sent from the source to a destination on a
network. When this frame is received by the switch, the frame is sent on to the network, and the network
passes the frame to its destination from the source to a specific destination on a network.
77. What is multicast and how does it work?
Multicast is a one-to-many transmission method. A single frame is sent from the source to multiple
destinations on a network using a multicast address. When this frame is received by the switch, the frame is
sent on to the network and the network passes the frame to its intended destination group.
78. What is broadcast and how does it work?
Broadcast is a one-to-all transmission method. A single frame is sent from the source to a destination on a
network using a multicast address. When this frame is received by the switch, the frame is sent on to the
network. The network passes the frame to all nodes in the destination network from the source to an unknown
destination on a network using a broadcast address. When the switch receives this frame, the frame is sent on
to all the networks, and the networks pass the frame on to all the nodes. If it reaches a router, the broadcast
frame is dropped.
79. What is fragmentation?
Fragmentation in a network is the breaking down of a data packet into smaller pieces to accommodate the
maximum transmission unit (MTU) of the network.
80. What is MTU? What is the MTU for traditional Ethernet?
MTU is the acronym for maximum transmission unit and is the largest frame size that can be transmitted over a
network. Messages longer than the MTU must be divided into smaller frames. The network layer (Layer 3)
protocol determines the MTU from the data link layer (Layer 2) protocol and fragments the messages into the
appropriate frame size, making the frames available to the lower layer for transmission without further
fragmentation. The MTU for Ethernet is 1518 bytes.
81. What is a MAC address?
A MAC address is the physical address of a network device and is 48 bits (6 bytes) long. MAC addresses are also
known as physical addresses or hardware addresses.
82. What is the difference between a runt and a giant, specific to traditional Ethernet?
In Ethernet, a runt is a frame that is less than 64 bytes in length, and a giant is a frame that is greater than 1518
bytes in length. Giants are frames that are greater than the MTU used, which might not always be 1518 bytes.
83. What is the difference between store-and-forward and cut-through switching?
Cut-through switching examines just the frame header, determining the output switch port through which the
frame will be forwarded. Store-and-forward examines the entire frame, header and data payload, for errors. If

the frame is error free, it is forwarded out its destination switch port interface. If the frame has errors, the
switch drops the frame from its buffers. This is also known as discarding the frame to the bit bucket.
84. What is the difference between Layer 2 switching and Layer 3 switching?
Layer 2 switches make their forwarding decisions based on the Layer 2 (data link) address, such as the MAC
address. Layer 3 switches make their forwarding decisions based on the Layer 3 (network) address.
85. What is the difference between Layer 3 switching and routing?
The difference between Layer 3 switching and routing is that Layer 3 switches have hardware to pass data
traffic as fast as Layer 2 switches. However, Layer 3 switches make decisions regarding how to transmit traffic
at Layer 3 in the same way as a router. A Layer 3 switch cannot use WAN circuits or use routing protocols; a
router is still required for these functions.