Cloud Network

Q :- Mention what is Active Directory?
Ans :- An active directory is a directory structure used on Micro-soft Windows based servers and computers to store data and information about networks and domains. 
 or
Active Directory (AD) is a directory service developed by Microsoft and used to store objects like User, Computer, printer, Network information, It facilitate to manage your network effectively with multiple Domain Controllers in different location with AD database, able to manage/change AD from any Domain Controllers and this will be replicated to all other DC’s, centralized Administration with multiple geographical location and authenticates users and computers in a Windows domain

Q :- Mention what are the new features in Active Directory (AD) of Windows server 2012?
Ans :- dcpromo (Domain Controller Promoter) with improved wizard: It allows you to view all the steps and review the detailed results during the installation process
    Enhanced Administrative Center: Compared to the earlier version of active directory, the administrative center is well designed in Windows 2012. The exchange management console is well designed

    Recycle bin goes GUI: In windows server 12, there are now many ways to enable the active directory recycle bin through the GUI in the Active Directory Administrative Center, which was not possible with the earlier version

    Fine grained password policies (FGPP): In windows server 12 implementing FGPP is much easier compared to an earlier  It allows you to create different password policies in the same domain

    Windows Power Shell History Viewer: You can view the Windows PowerShell commands that relates to the actions you execute in the Active Directory Administrative Center UI

Q :- Mention which is the default protocol used in Directory Services?
Ans :- The default protocol used in directory services is
LDAP ( Lightweight Directory Access Protocol).

Q :- What is Tree?
Ans :- Tree is a hierarchical arrangement of windows Domain that share a contiguous name space


Q :- Explain the term FOREST in AD?
Ans :- Forest is used to define an assembly of AD domains that share a single schema for the AD.  All DC’s in the forest share this schema and is replicated in a hierarchical fashion among them.

Q :- How to check which server holds which role?
Ans :- Netdom query FSMO

Q :- Explain what is SYSVOL?
Ans :- The SysVOL folder keeps the server’s copy of the domain’s public files.  The contents such as users, group policy, etc. of the sysvol folders are replicated to all domain controllers in the domain.

Q :- Mention what system state data contains?
Ans :- System state data contains
    Contains startup files
    Registry
    Com + Registration Database
    Memory page file
    System files
    AD information
    SYSVOL Folder
    Cluster service information


Q :- Mention what is PDC emulator and how would one know whether PDC emulator is working or not?
Ans :- PDC Emulators: There is one PDC emulator per domain, and when there is a failed authentication attempt, it is forwarded to PDC emulator.  It acts as a “tie-breaker” and it controls the time sync across the domain.

These are the parameters through which we can know whether PDC emulator is working or not.

    Time is not syncing
    User’s accounts are not locked out
    Windows NT BDCs are not getting updates
    If pre-windows 2000 computers are unable to change their passwords.


Q :- Mention what are lingering objects?
Ans :- Lingering objects can exists if a domain controller does not replicate for an interval of time that is longer than the tombstone lifetime (TSL).

Q :- Mention what is TOMBSTONE lifetime?
Ans :- Tombstone lifetime in an Active Directory determines how long a deleted object is retained in Active Directory.  The deleted objects in Active Directory is stored in a special object referred as TOMBSTONE.  Usually, windows will use a 60- day tombstone lifetime if time is not set in the forest configuration.



Q :- Explain what is Active Directory Schema?
Ans :-Schema is an active directory component describes all the attributes and objects that the directory service uses to store data.

Q :- Explain what is a child DC?
Ans :- CDC or child DC is a sub domain controller under root domain controller which share name space

Q :- Explain what is RID Master?
Ans :- RID master stands for Relative Identifier for assigning unique IDs to the object created in AD.


Q :- Mention what are the components of AD?
Ans :- Components of AD includes

    Logical Structure: Trees, Forest, Domains and OU
    Physical Structures: Domain controller and Sites

Q :- Explain what is Infrastructure Master?
Ans :- Infrastructure Master is accountable for updating information about the user and group and global catalogue.

 Q :- What is Access control list ?
Ans :- ACLs are basically a set of commands, grouped together by a number or name that is used to filter traffic entering or leaving an interface.
When activating an ACL on an interface, you must specify in which direction the traffic should be filtered:
Inbound (as the traffic comes into an interface)
Outbound (before the traffic exits an interface)
Inbound ACLs:
Incoming packets are processed before they are routed to an outbound interface. An inbound ACL is efficient because it saves the overhead of routing lookups if the packet will be discarded after it is denied by the filtering tests. If the packet is permitted by the tests, it is processed for routing.
Outbound ACLs:
Incoming packets are routed to the outbound interface and then processed through the outbound ACL.

 Q :- Universal fact about Access control list?
Ans :- ACLs come in two varieties:Numbered and named
-Each of these references to ACLs supports two types of filtering: standard and extended.
-Standard IP ACLs can filter only on the source IP address inside a packet.
-Whereas an extended IP ACLs can filter on the source and destination IP addresses in the packet.
-There are two actions an ACL can take: permit or deny.
-Statements are processed top-down.
-Once a match is found, no further statements are processed—therefore, order is important.
-If no match is found, the imaginary implicit deny statement at the end of the ACL drops the packet.
-An ACL should have at least one permit statement; otherwise, all traffic will be dropped because of the hidden implicit deny statement at the end of every ACL.
-No matter what type of ACL you use, though, you can have only one ACL per protocol, per interface, per direction. For example, you can have one IP ACL inbound on an interface and another IP ACL outbound on an interface, but you cannot have two inbound IP ACLs on the same interface.

 Q :- Standard ACLs?
Ans :- A standard IP ACL is simple; it filters based on source address only. You can filter a source network or a source host, but you cannot filter based on the destination of a packet, the particular protocol being used such as the Transmission Control Protocol (TCP) or the User Datagram Protocol (UDP), or on the port number. You can permit or deny only source traffic.

 Q :- Extended ACLs?
Ans :- An extended ACL gives you much more power than just a standard ACL. Extended IP ACLs check both the source and destination packet addresses. They can also check for specific protocols, port numbers, and other parameters, which allow administrators more flexibility and control.
 Q :- Named ACLs?
Ans :- One of the disadvantages of using IP standard and IP extended ACLs is that you reference them by number, which is not too descriptive of its use. With a named ACL, this is not the case because you can name your ACL with a descriptive name. The ACL named DenyMike is a lot more meaningful than an ACL simply numbered 1. There are both IP standard and IP extended named ACLs.

Another advantage to named ACLs is that they allow you to remove individual lines out of an ACL. With numbered ACLs, you cannot delete individual statements. Instead, you will need to delete your existing access list and re-create the entire list.

 Q :- Placement of ACLs?
Ans :- Standard ACLs should be placed as close to the destination devices as possible.
Extended ACLs should be placed as close to the source devices as possible.

 Q :- Access Attacks?
Ans :- An access attack occurs when someone tries to gain unauthorized access to a component, tries to gain unauthorized access to information on a component, or increases their privileges on a network component. Access attacks exploit known vulnerabilities in authentication services, FTP services, and web services to gain entry to web accounts, confidential databases, and other sensitive information.

Q :- DoS Attacks?
Ans :- DoS attacks involve an adversary reducing the level of operation or service, preventing access to, or completely crashing a network component or service.

Q :- Password attack threat-mitigation methods?
Ans :- A security risk lies in the fact that passwords are stored as plaintext. You need to encrypt passwords to overcome risks. On most systems, passwords are processed through an encryption algorithm that generates a one-way hash on passwords. You cannot reverse a one-way hash back to its original text. Most systems do not decrypt the stored password during authentication; they store the one-way hash. During the login process, you supply an account and password, and the password encryption algorithm generates a one-way hash. The algorithm compares this hash to the hash stored on the system. If the hashes are the same, the algorithm assumes that the user supplied the proper password.

Remember that passing the password through an algorithm results in a password hash. The hash is not the encrypted password, but rather a result of the algorithm. The strength of the hash is that the hash value can be recreated only with the original user and password information and that retrieving the original information from the hash is impossible. This strength makes hashes perfect for encoding passwords for storage. In granting authorization, the hashes, rather than the plain password, are calculated and compared.


 Q :- Password Attacks?
Ans :- A password attack usually refers to repeated attempts to identify a user account, password, or both. These repeated attempts are called brute-force attacks. Password attacks are implemented using other methods, too, including Trojan horse programs, IP spoofing, and packet sniffers.

 Q :- Password attack threat-mitigation methods include these guidelines?
Ans :- Do not allow users to have the same password on multiple systems. Most users have the same password for each system they access, as well as for their personal systems.
Disable accounts after a specific number of unsuccessful logins. This practice helps to prevent continuous password attempts.
Do not use plaintext passwords. Use either a one-time password (OTP) or an encrypted password.
Use strong passwords. Strong passwords are at least eight characters long and contain uppercase letters, lowercase letters, numbers, and special characters. Many systems now provide strong password support and can restrict users to strong passwords only.

 Q :- Password Authentication Protocol?
Ans :- Password Authentication Protocol (PAP) The Password Authentication Protocol sends the user’s username and password in plain text. It is very insecure because someone can analyze and interpret the logon traffic. This is the authentication protocol used by the basic authentication method mentioned previously.

 Q :- Challenge Handshake Authentication Protocol?
Ans :- Challenge Handshake Authentication Protocol (CHAP) With the Challenge Handshake Authentication Protocol, the server sends a client a challenge (a key), which is combined with the user’s password. Both the user’s password and the challenge are run through the MD5 hashing algorithm (a formula), which generates a hash value, or mathematical answer, and that hash value is sent to the server for authentication. The server uses the same key to create a hash value with the password stored on the server and then compares the resulting value with the hash value sent by the client. If the two hash values are the same, the client has supplied the correct password. The benefit is that the user’s credentials have not been passed on the wire at all.

 Q :- Microsoft Challenge Handshake Authentication Protocol MS-CHAP
Ans :- Microsoft Challenge Handshake Authentication Protocol MS-CHAP uses the Microsoft Point-to-Point Encryption (MPPE) protocol along with MS-CHAP to encrypt all traffic from the client to the server. MS-CHAP is a distinction of the CHAP authentication protocol and uses MD4 as the hashing algorithm versus MD5 used by CHAP.

 Q :- MS-CHAPv2
Ans :- MS-CHAPv2 With MS-CHAP version 2 the authentication method has been extended to authenticate both the client and the server. MS-CHAPv2 also uses stronger encryption keys than CHAP and MS-CHAP.

 Q :- Extensible Authentication Protocol (EAP)
Ans :- Extensible Authentication Protocol (EAP) The Extensible Authentication Protocol allows for multiple logon methods such as smartcard logon, certificates, Kerberos, and public-key authentication. EAP is also frequently used with RADIUS, which is a central authentication service that can be used by RAS, wireless, or VPN solutions.

SBI New Service Charges Started from 1st Oct-2019: ATM Withdrawal - AMB - Cash Deposits Everything You Want to Know