Windows Administrator Interview Question & Answers – Part 2

Question 1 : What is the Boot Process in Windows?

  • System is powered on
  • The CMOS loads the BIOS and then runs POST
  • Looks for the MBR on the bootable device
  • Through the MBR the boot sector is located and the BOOTMGR is loaded
  • BOOTMGR looks for active partition
  • BOOTMGR reads the BCD file from the \boot directory on the active partition
  • The BCD (Boot Configuration Database) contains various configuration parameters (this information was previously stored in boot.ini)
  • BOOTMGR transfers control to the Windows loader (winload.exe), or to winresume.exe if the system was hibernated.
  • The Windows loader loads the drivers that are set to start at boot and then transfers control to the Windows kernel.

Question 2 : What is RAID (Types/Diff) ?

  • RAID stands for Redundant Array of Independent (or Inexpensive) Disks. RAID is a way to combine small disks into a single, larger storage unit. The disks included in the RAID are known as the array members.
    • Fault Tolerance
    • Performance
    • Capacity
  • The main methods of storing data in an array are:
    • Striping: splitting the flow of data into blocks of a certain size (called the “block size”) and then writing these blocks across the RAID members one by one. This way of storing data affects performance.
    • Mirroring: a storage technique in which identical copies of the data are stored on the RAID members simultaneously. This type of data placement affects fault tolerance as well as performance.
    • Parity: a storage technique that uses striping and checksum methods. In the parity technique, a certain parity function is calculated for the data blocks. If a drive fails, the missing blocks are recalculated from the checksum, which gives the RAID its fault tolerance.
  • RAID levels:
    • RAID 0 – based on striping. This RAID level doesn’t provide fault tolerance but increases system performance (high read and write speed).
    • RAID 1 – utilizes the mirroring technique, increases read speed in some cases, and provides fault tolerance against the loss of no more than one member disk.
    • RAID 0+1 – based on a combination of the striping and mirroring techniques. This RAID level inherits RAID 0 performance and RAID 1 fault tolerance.
    • RAID 1E – uses both striping and mirroring techniques and can survive the failure of one member disk or of any number of nonadjacent disks. There are three subtypes of RAID 1E layout: near, interleaved, and far.
    • RAID 5 – utilizes both striping and parity techniques. Provides approximately the same read speed improvement as RAID 0 and survives the loss of one RAID member disk.
    • RAID 5E – a variation of the RAID 5 layout whose only difference is an integrated spare space that allows a failed array to be rebuilt immediately after a disk failure.
    • RAID 5 with delayed parity – very similar to the basic RAID 5 layout, but uses a nonstandard striping scheme.
    • RAID 6 – similar to RAID 5 but uses two different parity functions. The read speed is the same as in RAID 5.
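
The striping and parity techniques described above, as an added example that is not part of the original article: data is striped over four members with a rotating XOR parity block per row, and a failed member is recalculated from the survivors. XOR as the parity function, the rotation order, the function names and the sample payload are assumptions made for this sketch.

```python
from functools import reduce

def xor_blocks(blocks):
    """XOR equal-length blocks byte by byte (the parity function used here)."""
    return bytes(reduce(lambda a, b: a ^ b, column) for column in zip(*blocks))

def parity_member(row, disks):
    """Rotate the parity block across members, one position per stripe row."""
    return (disks - 1 - row) % disks

def write_raid5(data, disks, block_size):
    """Stripe data over `disks` members with one parity block per stripe row."""
    row_bytes = (disks - 1) * block_size
    data += bytes(-len(data) % row_bytes)          # zero-pad to whole rows
    members = [[] for _ in range(disks)]
    for row, start in enumerate(range(0, len(data), row_bytes)):
        blocks = [data[start + i * block_size:start + (i + 1) * block_size]
                  for i in range(disks - 1)]
        blocks.insert(parity_member(row, disks), xor_blocks(blocks))
        for member, block in zip(members, blocks):
            member.append(block)
    return members

def rebuild_member(members, failed):
    """Recalculate every block of the failed member from the survivors."""
    survivors = [m for i, m in enumerate(members) if i != failed]
    return [xor_blocks(row) for row in zip(*survivors)]

def read_raid5(members):
    """Reassemble the data blocks in order, skipping each row's parity block."""
    disks = len(members)
    out = b""
    for row, blocks in enumerate(zip(*members)):
        out += b"".join(b for i, b in enumerate(blocks)
                        if i != parity_member(row, disks))
    return out

# Constructed sample payload: 4 members, 4-byte blocks.
SAMPLE = b"constructed sample data for the array"

if __name__ == "__main__":
    array = write_raid5(SAMPLE, disks=4, block_size=4)
    original = array[2]
    array[2] = rebuild_member(array, failed=2)     # member 2 "fails" and is rebuilt
    print(array[2] == original, read_raid5(array).rstrip(b"\0") == SAMPLE)
```

With a single parity block per row, only one lost member per row can be recalculated, which matches the one-disk tolerance stated for RAID 5.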

Question 3 : Different types of Backups (in detail) ?

A backup is an operation or procedure that copies data to an alternative location so that it can be recovered if it is deleted or becomes corrupted. Three basic types of backup are most commonly used.

  • Full Backup: A full backup is the method of backup in which all the files and folders selected for the backup are backed up.
    • Advantage: Restores are fast and easy, as the complete list of files is stored each time.
    • Disadvantage: Each backup run is time consuming, as the entire list of files is copied again.
  • Incremental Backup: An incremental backup is a backup of all the changes made since the last backup.
    • Advantage: Each backup run is faster. Storage space usage is much less than for a full backup.
    • Disadvantage: In the restore operation each increment is processed, and this can result in a lengthy restore job.
  • Differential Backup: A differential backup is a backup of all the changes made since the last full backup.
    • Advantages: The backup run is faster compared to a full backup. Storage space usage is much less than for a full backup but more than for an incremental backup.
    • Disadvantage: Restores are slower than from a full backup and faster than from incremental backups.
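
The restore trade-off between the three backup types, as an added example that is not part of the original article: it computes which backup sets a restore needs under each scheme and what happens when one set in the middle is lost or unreadable. The schedule, dates and function names are constructed for illustration.

```python
from datetime import date, timedelta

def schedule(start, daily_type, days=5):
    """Constructed sample: a full backup on `start`, then one daily backup."""
    sets = [{"date": start, "type": "full"}]
    sets += [{"date": start + timedelta(days=n), "type": daily_type}
             for n in range(1, days)]
    return sets

def restore_chain(backups, target):
    """Backup sets, in restore order, needed to recover the state as of `target`."""
    history = sorted((b for b in backups if b["date"] <= target),
                     key=lambda b: b["date"])
    full_positions = [i for i, b in enumerate(history) if b["type"] == "full"]
    if not full_positions:
        raise ValueError("no full backup on or before the target date")
    base = full_positions[-1]
    chain = [history[base]]
    for b in history[base + 1:]:
        if b["type"] == "differential":
            chain = [history[base], b]   # holds every change since the full
        else:
            chain.append(b)              # incremental: changes since the previous set
    return chain

def restorable(backups, target, lost_dates):
    """True if no set in the chain for `target` is lost or unreadable."""
    return all(b["date"] not in lost_dates
               for b in restore_chain(backups, target))

START = date(2024, 1, 7)                 # constructed dates
TARGET = START + timedelta(days=4)

if __name__ == "__main__":
    for kind in ("incremental", "differential"):
        sets = schedule(START, kind)
        chain = [b["date"].isoformat() for b in restore_chain(sets, TARGET)]
        print(kind, chain, restorable(sets, TARGET, {START + timedelta(days=2)}))
```

The incremental schedule needs five sets for the restore and fails if any one of them is missing, while the differential schedule needs two and survives the loss of an intermediate set.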

Question 4 : Hyper-V Types (Gen1, Gen2)

Hyper-V is a virtualization technology provided by Microsoft.

  • Generation 1: Generation 1 virtual machines support legacy drivers and a BIOS-based architecture. A Generation 1 virtual machine can only initialize the IDE controller for the operating system. For Generation 1 virtual machines there are no changes in hardware or functionality: the same virtual machines that are available in Hyper-V on Windows Server 2008, 2008 R2 and 2012 are available in Generation 1.
  • Generation 2: Generation 2 virtual machines can only be created in Windows Server 2012 R2 or later versions. Once you have selected the Generation 2 version, you cannot go back to the previous version, i.e. there is no backward compatibility.
  • [Image: Difference between Generation 1 and Generation 2]

Question 5 : What is No Boot-Troubleshooting ?

  • No-boot troubleshooting applies when there is no power on the motherboard and no video is displayed on the monitor. The best practice is to check the RAM, then check whether the CPU is compatible with the motherboard, and then check the CPU pins; if they are broken, the motherboard will also not work.

Question 6 : What is Active Directory?

  • Active Directory provides centralized control for network administration and security. Active Directory stores all the information and settings for the deployment in a central database and allows administrators to assign policies and to deploy and update software. A server that is configured with Active Directory is known as a domain controller.

Question 7 : What are FSMO Roles? Explain each role ?

  • Some changes can be performed across domain controllers in Active Directory using multi-master replication. However, performing all changes this way may not be practical, so certain changes must be confined to one domain controller that handles such change requests intelligently. That domain controller is called the operations master, sometimes known as Flexible Single Master Operations (FSMO). The FSMO roles fall into two categories:
  • Forest-wide operations master roles
    • Schema master: Any update or modification to the schema must go through the schema master domain controller. There can be only one schema master in the entire forest.
    • Domain naming master: The domain controller holding the domain naming master role exclusively controls the addition and removal of domains in the forest.
  • Domain-wide operations master roles
    • RID master: The RID master allots sequences of relative IDs to each of the domain controllers in its domain.
    • PDC emulator master: To ensure consistency, password changes from client computers must be replicated and updated to all domain controllers throughout the domain. The PDC emulator can also be configured to synchronize with an external time source.
    • Infrastructure master: Tasks such as updating references from objects in its domain to objects in other domains are under the purview of the infrastructure master. The infrastructure master compares its data with that of a global catalog, which receives regular updates for objects in all domains through replication.

Question 8 : What is a Global Catalog ?

  • A global catalog is a multi-domain catalog that allows for faster searching of objects without the need for a domain name. It helps in locating an object from any domain by using its partial read-only replica stored in a domain controller.

Question 9 : What are Group Policies?

  • Group Policy is a hierarchical infrastructure that allows a network administrator to implement specific configurations for users and computers. Group Policy can also be used to define user, security and networking policies at the machine level. Group Policy allows administrators to define what users can do on a network, including which files, folders and applications they can access.

Question 10 : What is the difference between a Domain and a Workgroup ?

  • Domain: A domain is defined as the logical group of network objects (Computer, users and devices) which share the same active directory database. A tree can have multiple domains.
    • Centralized administration.
    • Security of data, users and groups.
    • We can assign the policies on the file, folder, user and groups.
  • Workgroup: Workgroup is a Microsoft term for a peer-to-peer local area network. Computers running Microsoft operating systems in the same workgroup may share files, printers, etc.
    • No centralized administration.
    • Not much security of data, users and groups.
    • Each PC acts as both the server and the client.

Question 11 : What is the relationship between tree and forest?

  • Tree: Trees are collections of one or more domains that allow global resource sharing. A tree may consist of a single domain or of multiple domains in a contiguous namespace. A domain added to an existing tree is called the child domain, and the domain it is added to is called the parent domain.
  • Forest: A forest is a collection of trees that share a common global catalog, directory schema, logical structure and directory configuration. The forest represents the security boundary within which users, computers, groups and other objects are accessible.

Question 12 : What is the file name of Active Directory and where is it stored?

  • Active Directory file name is “NTDS.DIT” and it is stored in %Systemroot%\NTDS.

Question 13 : What is the difference between NTFS and FAT file system?

  • FAT: FAT stands for File Allocation Table, and FAT32 is the extension, which means data is stored in chunks of 32 bits.
  • NTFS: NTFS stands for New Technology File System, and it took over from FAT as the primary file system used in Windows systems. NTFS is not only secure but also supports larger file sizes and hard drives.
  • [Image: Difference between NTFS and FAT]


Question 14 : What is DNS?

  • DNS stands for the Domain Name System. It is basically used to resolve domain names to IP addresses, and DNS uses port number 53. There are two types of lookup in DNS.
    • Forward Lookup: The forward lookup zone is used to convert domain names into IP addresses, and we can configure it on the server using the DNS Manager.
    • Reverse Lookup: The reverse lookup zone is used to convert IP addresses into domain names, and it can also be configured using the DNS Manager.
  • DNS works with two types of query:
    • Recursive Query.
    • Iterative Query.
  • DNS has 3 types of zones.
    • Primary Zone: The primary zone on the DNS server is the read/write copy of the DNS database. This means that whenever a new DNS record is added to the DNS database, either automatically by the DNS clients or manually by the administrators, it is actually written in the primary zone of the DNS server. One DNS server can have only one primary DNS zone.
    • Secondary Zone: The secondary DNS zone is the read-only copy of the DNS records. This means that DNS records cannot be added directly to the secondary DNS zone. The secondary DNS zone can receive updated records only from the primary DNS zone of the DNS server.
    • Stub Zone: A stub zone is a copy of a zone that contains only those resource records necessary to identify the authoritative Domain Name System (DNS) servers for that zone. A stub zone is used to resolve names between separate DNS namespaces.

Question 15 : What is DHCP and Dora process ?

  • DHCP stands for Dynamic Host Configuration Protocol. DHCP is a protocol used for the automatic configuration of IP addresses on client computers connected to an IP network. DHCP operates on a client-server model in 4 phases:
    • Discover: A client broadcasts a discover message when it comes alive on the network.
    • Offer: When a DHCP server receives a discover message from the client, it reserves an IP address for the client and sends a DHCP offer message to the client offering the reserved IP address.
    • Request: The client receives the DHCP offer message and broadcasts a DHCP request message to show its consent to accept the offered IP address.
    • Acknowledge: When the DHCP server receives the request message from the client, it sends a DHCP acknowledge packet to the client. At this point the DORA process is complete.
  • DHCP Scope: A range of IP addresses that a DHCP server can assign to clients.
  • DHCP client protocol is 67
  • DHCP server protocol is 68
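
The four DORA phases and the scope described above, as an added example that is not part of the original article: both sides exchange minimally encoded DHCP messages in memory, and the server hands out addresses from its scope until it is exhausted. The `Server` class, the helper names and the addresses are constructed for illustration, and no network traffic is sent.

```python
import ipaddress
import struct

HDR = "!BBBBIHH4s4s4s4s16s64s128s"           # fixed 236-byte BOOTP header
MAGIC = b"\x63\x82\x53\x63"                  # DHCP magic cookie before the options
DISCOVER, OFFER, REQUEST, ACK = 1, 2, 3, 5   # option 53 (message type) values
ip4 = ipaddress.IPv4Address

def build(op, xid, mac, yiaddr, msg_type, requested=None):
    """Serialize a minimal DHCP message; option 50 carries the requested address."""
    hdr = struct.pack(HDR, op, 1, 6, 0, xid, 0, 0x8000, bytes(4),
                      ip4(yiaddr).packed, bytes(4), bytes(4), mac, b"", b"")
    opts = bytes([53, 1, msg_type])
    if requested:
        opts += bytes([50, 4]) + ip4(requested).packed
    return hdr + MAGIC + opts + b"\xff"

def parse(pkt):
    f = struct.unpack(HDR, pkt[:236])
    if pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while pkt[i] != 0xFF:                    # pad options (code 0) are not handled
        opts[pkt[i]] = pkt[i + 2:i + 2 + pkt[i + 1]]
        i += 2 + pkt[i + 1]
    return {"xid": f[4], "mac": f[11][:6], "yiaddr": str(ip4(f[8])),
            "type": opts[53][0], "requested": str(ip4(opts[50])) if 50 in opts else None}

class Server:
    def __init__(self, first, last):         # the scope: first..last inclusive
        self.free = [str(ip4(n)) for n in range(int(ip4(first)), int(ip4(last)) + 1)]
        self.offered, self.leases = {}, {}

    def handle(self, pkt):
        m = parse(pkt)
        mac = m["mac"]
        if m["type"] == DISCOVER and (mac in self.offered or self.free):
            ip = self.offered[mac] = self.offered.get(mac) or self.free.pop(0)
            return build(2, m["xid"], mac, ip, OFFER)       # address is now reserved
        if m["type"] == REQUEST and mac in self.offered and self.offered[mac] == m["requested"]:
            self.leases[mac] = self.offered.pop(mac)
            return build(2, m["xid"], mac, self.leases[mac], ACK)
        return None        # scope exhausted or unexpected request (a real server may NAK)

def dora(server, mac, xid):
    """Client side of the exchange; returns the acknowledged address or None."""
    offer = server.handle(build(1, xid, mac, "0.0.0.0", DISCOVER))
    ip = parse(offer)["yiaddr"] if offer else None
    ack = ip and server.handle(build(1, xid, mac, "0.0.0.0", REQUEST, requested=ip))
    return ip if ack and parse(ack)["type"] == ACK else None
```

With a two-address scope, a third client receives no offer, which is the condition to watch for when a scope is sized too small or is being drained.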


