Important IT Interview Questions and Answers

Important IT Interview Questions

What are the different port nos. in Windows 2000?

Ans: LDAP – 389, LDAP – 636 (SSL), RPC over IP (Replication) – 135, Net Logon – 137, Kerberos – 88, DNS – 53, RDP – 3389, GC – 3268, SMTP – 25, Telnet – 23, FTP – 21, SSL – 443, DHCP – 67, DNS – 53, WINS – 42.

What is Registry?

Ans: This is the central repository which contains the computer configuration. It has 5 hives; each hive contains keys, and the keys contain the key values.

What are the processes involved in the FRS?

Ans: FRS is the File Replication Service, which is responsible for replicating the Sysvol folder and the DFS information.

Which protocol does FRS use for directory replication?

Ans: RPC over IP for inter-site and intra-site and uses port no 135.

What is LDAP?

Ans: It is a directory structure based on the X.500 protocol.

Which is the tool to recover the corrupted WINS database?

Ans: Jetpack.exe

What are PUSH and PULL partners in WINS?

Ans: Push partners send update notices when a database change is made. A pull partner asks push partners for database entries more recent than their current listings. Only changes are replicated. Pull servers are used across slow links since pull requests can be set for specific times.

Which services register the NetBIOS name of the client in the WINS database?

Ans: Workstation (00h), Messenger (03h), Server (20h) services.

What is the BOOT UP process in Windows NT/2000?

Ans: POST (checks all the computer hardware), Choose the OS (NTLDR, Boot.ini, bootdd.sys, bootsec.dos), Kernel load (collects the H/W configuration from NTLDR with hal.dll and loads it into the registry), Service load (loads Session Manager (smss.exe), then winlogon.exe, which starts Local security administrator (Lsass.exe)), Logon (takes the user credentials and, after a successful logon, copies the clone control set to Last good known configuration).

What is KCC?

Ans: It maintains the AD replication topology. Replication can be scheduled in the Sites and Services console.

What is KDC?

Ans: Key Distribution Center, which is responsible for issuing credentials to the clients.

What is DDNS?

Ans: It dynamically registers the m/c name in the AD-integrated DNS database. It is also used to dynamically register domain controllers' names in DNS at the time of installing AD.

What are Resource records in DNS?

Ans: RR in DNS are MX, PTR, A, SOA, SRV, CNAME, NS.

What are SRV records?

Ans: These are the records which map an AD service to the location of the service, i.e. GC, Kerberos and LDAP with their port nos.

What are the types of DNS?

Ans: Primary, Secondary, Stub only.

What are different DNS queries?

Ans: Recursive and iterative.

What are the FSMO roles in Windows 2003?

Ans: Schema master, Domain Naming Master, PDC Emulator, RID Master, Infrastructure Master.

What is FRS and which port does it use for replication?

Ans: IP Over RPC and port no. 135.

What is the difference between Windows 2000 and Windows 2003?

Ans: It has extra features such as Domain Renaming, incremental AD replication, Caching credentials for the GC, Shadow copy, Restoration of AD through CD media, installs IIS 6.0 as default web server, Multiple DFS roots.

What is Active directory?

Ans: It is a directory service which contains the network resources (object) such as computers, users, printers, scripts and policies and provides a single console to administer them.

What are the functional domain levels of Windows 2003 Active Directory?

Ans: Windows 2000 Mixed, Windows 2000 native, Windows 2003 Interim, Windows 2003.

What is the difference between GC and Schema?

Ans: The Schema contains all the objects of the AD and their attributes. The GC contains all the objects of the AD but only a partial set of attributes, i.e. user name, last name of the user, but not the entire set of attributes.

What are Sites in Windows 2000 AD?

Ans: A Site defines the replication boundaries of AD.

What is the default time for site replication?

Ans: For inter-site replication it is 3 hours and for intra-site replication it is 15 seconds.

What is DFS?

Ans: It contains all the shares of the servers at one console and gives an easy way of administering those shares.

What are the modes of DFS?

Ans: Standalone and Domain modes.

What is DISKPART utility?

Ans: It is the command prompt utility used to manage disks in Windows 2000, XP and 2003.

What is “last good known configuration”?

Ans: The Last Known Good Configuration feature is a recovery option that you can use to start your computer by using the most recent settings that worked. The Last Known Good Configuration feature restores registry information and driver settings that were in effect the last time the computer started successfully. For example, you can use this feature if you cannot start it after you install a new driver for your video adapter, or if you installed an incorrect driver and have not yet restarted your computer.
When you start your computer by using the Last Known Good Configuration feature, the information gets stored in the following registry key:


What is the order of applying group policy in the Active Directory?

Ans: The order is: Site, Domain, OU.

What is the difference between assigning and publishing software in Active Directory?

Ans: Software can be assigned to users and computers, whereas software can be published to users only.

Which port does DHCP use?

Ans: UDP port 67.

What is Rogue DHCP?

Ans: An unauthorised DHCP server in an AD environment.

What is effective permission?

Ans: It is the combined permission of user and group.

Which software RAIDs are supported by Windows 2000?

Ans: RAID 1 and RAID 5.

How do you do a health check of a domain controller?

Ans: Using the NLTEST and NETDOM utilities.

What is the SMTP protocol and how does it work?

Ans: Port no. 25.

What is RPC service?

Ans: Provides the endpoint mapper and other miscellaneous RPC services.

What is Computer Browser Service?

Ans: Maintains an updated list of computers on the network and supplies this list to computers designated as browsers. If this service is stopped, this list will not be updated or maintained.

What is Net Logon service?

Ans: This is required to give logon access for the domain.

What is Server service?

Ans: Supports file, print, and named-pipe sharing over the network for the computer.

What is the difference between encrypting a folder and giving permission to the folder?

Ans: EFS gives extra security while accessed across the network.

What is non-authoritative restore?

Ans: Authoritative restore only restores the AD database from the backup on the DC on which it is being applied. After the restart it follows the normal replication process.

How does Authoritative restore work?

Ans: It adds 100,000 to the USN of every change which has been made to the AD, and the next time the DC boots it takes precedence in replicating the changes to other DCs as it has the highest priority USN.

What is USN?

Ans: Update Sequence Number is the number assigned to each object of AD when it gets modified.

What is the difference between sysvol and netlogon share?

Ans: Netlogon is the share used in NT which contains login scripts and policies, and the sysvol folder is used in Windows 2000 and contains scripts in the scripts folder and policies in the policy folder.

What is Domain Naming Master?

Ans: It is a DC which maintains the group-to-user reference in the forest, i.e. any change made to any group on any DC should reflect the reference to the user associated with that group on all the other DCs.

What are Site Links and Site Link Bridges?

Ans: Site Links are created to establish a connection between two sites, and a Site Link Bridge is created to connect two Site Links.

What is Bridge Head server?

Ans: A Bridge Head Server is a dedicated server which is used for site replication in a large organization where there are a large no. of DCs in each site. It works on the concept of SMTP, which stores the replication information while the link is DOWN, keeps the information until the link comes UP, and distributes the information to other DCs in that site.

What is the extra feature added to windows 2003 for GC?

Ans: For cross-domain authentication a GC is needed; if the GC is down then the DC stores the last stored credential for the authentication.

What is LmRepl?

Ans: Used for Directory replication in NT.

What is the difference between NTLM and Kerberos?

Ans: NTLM is the authentication protocol used in Windows NT 4.0 and Kerberos is the authentication protocol used in Windows 2000. Kerberos is more secure as it uses two-way authentication.

What is the default time taken by KCC to check the replication topology?

Ans: 15 mins

What happens when RID master goes down?

Ans: Each domain controller is allocated 512 RIDs by the RID master. When a domain controller has approximately 100 RIDs remaining, it contacts the RID master and requests an additional 512 RIDs to replenish its supply. If the RID master is unavailable and a domain controller runs out of relative IDs, you will no longer be able to use that computer to create new Active Directory objects.

NOTE: There will not be any immediate effect.

What happens when Schema master is down?

Ans: You cannot make changes to the Schema objects.

What happens when PDC Emulator is down?

Ans: 1. Password changes will not get replicated to the DC.

  2. NT domain information (SAM Database) will not get replicated to BDCs.

What happens when Domain Naming Master is down?

Ans: You cannot rename, create or delete any domain.

What happens when Infrastructure Master is down?

Ans: The security group membership will not get updated and the global group permission information will be lost.

What are Active directory Logical partitions?

Ans: 1. Domain Directory Partition

The domain directory partition is the partition where most of the action takes place. This partition contains all of the domain information, including information about users, groups, computers, and contacts. Essentially, anything that can be viewed through the Active Directory Users and Computers administrative tool is stored in the domain directory partition.

  2. Schema directory Partition

It contains the schema for the entire forest. The schema directory partition is replicated to all domain controllers in the entire forest. However, only one domain controller, the schema master, has a writable copy of the schema directory partition. All changes to the schema must be made on the schema master; the changes are then replicated to all other domain controllers.

  3. GC Partition

The GC partition is stored in the database like the other partitions, but administrators cannot enter information directly into this partition. The GC is a read-only partition on all GC servers, and it is built from the contents of the domain databases.

  4. Application Directory Partition

Only one type of application directory partition is created by default in Active Directory: for the Domain Name System (DNS) server service. Installing the first Active Directory integrated zone creates the ForestDnsZones and the DomainDnsZones application directory partitions. Application directory partitions can store any type of Active Directory object except security principals. The advantage of application directory partitions is that replication of the information in the partition can be controlled.

How do you do fragmentation of Active Directory?

Ans: Fragmentation of AD rearranges the data in the Active Directory database. This can be done using ntdsutil.

What is APIPA?

Ans: It is the Automatic private IP address configuration. If DHCP is not available and this option is enabled in the alternate configuration in the network settings, the client automatically assigns IP address which ranges from to

Can you remove a parent domain controller if it has child domain controllers existing in the domain?

Ans: No. First the child DCs should be demoted to member servers and then the parent DC should be demoted to a member server.

What are the pre-requisites while installing Active Directory?

Ans: 1. Domain naming master should be available.

  2. File system should be NTFS 5.0, on which AD will be installed.
  3. DNS should be available.
  4. Non-Windows DNS servers should be configured and should support BIND 8.2.1, which supports SRV records.

Where will you check the errors which were encountered during the installation of AD?

Ans: Check the errors in dcpromo.log.

You are unable to see any share on the server. What are the actions you will take to fix the problem?

Ans: Check for the Server service, which is responsible for providing the shares of the servers.

What is computer browser service?

Ans: It maintains the list of all the computers in the n/w.

A client is unable to connect to a domain controller. What actions will you take to fix the problem?

Ans: First of all check the n/w connectivity and then check that the DNS client service is running on the client, because a computer without this service will not be able to resolve the DNS names and locate the Active Directory DC.

Which service is required to add, remove and repair software?

Ans: The Windows Installer service is required to add, remove and repair software according to the instructions in the .MSI file.

What is secondary logon service? OR How can you stop users logging in to the desktop when the domain is not available?

Ans: It enables starting processes under alternate credentials. If this service is stopped, this type of logon access will be unavailable.

Can you stop the event log service?

Ans: NO

Can you roll back a printer driver?

Ans: NO

What is the difference in the AD Database structure in Windows 2003 and Windows 2000?

Ans: Windows 2000 has only three partitions, i.e. Schema, Configuration and Domain partitions. Windows 2003 has an additional partition, i.e. the Application partition, which can be customized for application integration with the AD.

How can you add, modify and delete AD objects through a command tool?

Ans: There are two command tools: CSVDE and LDIFDE.

CSVDE (comma separated value directory exchange) can be used to add or create multiple AD objects. It takes a file which has values separated by commas. It cannot be used to modify or delete any object in AD.

LDIFDE (LDAP Directory information file exchange) can be used to create, modify and delete AD objects. It takes a file which has values separated by lines.

What is UPN Login?

Ans: User Principal Name login is used when logging in from one domain to another domain.

The format is as below:

User name: user@domain

Note: The logon box gets grayed out when you type the user name in the above format.

How many versions does Volume Shadow Copy keep?

Ans: It keeps 64 versions of a volume or the maximum allocated space for volume shadow copy.

How do you access versions of file through VSC?

Ans: You can access the versions of a file only through a share if VSC is enabled.

What is Forest DNS Zone?

Ans: It is the DNS zone created in the application partition of the Active Directory. This partition gets created on all the DCs in the forest which have the DNS service running.

What is Domain DNS Zone?

Ans: It is the DNS zone created in the application partition of the Active Directory. This partition gets created on all the DCs in a specific domain which have the DNS service running.
