System Administration and IT Infrastructure Services
What does ldapsearch do?
Will search for entries in your directory database.
What is a solution to backing up user devices?
- Cloud based : Dropbox, iCloud, Google Drive
What are some spam mitigation and management solutions?
- DKIM (DomainKeys Identified Mail) - SPF (Sender Policy Framework) - DMARC (Domain-based Message Authentication, Reporting, and Conformance)
What are the five most common types of printers?
- Inkjet - Laser - Impact - Thermal - 3D
What should the brief summary of a post-mortem include?
- What the incident was
- How long it lasted
- What the impact was
- How it was fixed
*Be mindful of time zones when listing dates.
Regarding LDAP, there are three common ways to authenticate, what are they?
- anonymous - simple - SASL, Simple Authentication and Security Layer
Name 5 DHCP servers
- dnsmasq - ISC DHCP - FreeRADIUS - Kea DHCP - udhcpd
In Linux, the configuration files for the installed services are located in the _______ __________?
/etc directory.
Regarding vendor life cycles for commercial products, what are the four phases that can typically be seen across all?
1. Beta Testing Phase 2. Product Release and Primary Support Phase 3. Extended Support Phase 4. EOL phase
What are the three phases of the vendor life cycle?
1. Pre-Contract 2. Contract Delivery 3. Post Contract
What are the four stages of hardware lifecycle?
1. Procurement : Purchase or Reused for employee
2. Deployment : This is where hardware is set up
3. Maintenance : The stage where software issues are updated if and when they occur
4. Retirement : Hardware becomes unusable or no longer needed
Regarding vendor life cycle, what are the three phases of Pre-Contract?
1. Vendor Identification and engagement 2. Vendor qualification and risk mitigation 3. Vendor evaluation and selection
What is a KVM switch?
A Keyboard, Video, Mouse (KVM) switch is a hardware device that can be used to control more than one computer using a single keyboard, monitor, and mouse. Cost effective.
What is a RADIUS server?
A RADIUS (Remote Authentication Dial-In User Service) server is a client-server protocol and software that enables remote access servers to communicate with a central server to authenticate dial-in users and authorize their access to the requested system or service.
What is centralized management?
A central service that provides instructions to all of the different parts of an IT infrastructure.
RAID isn't a backup solution, what kind of solution is it?
A data storage solution. It also has redundancy built in at some RAID levels. It does not protect against accidental deletions or malware.
When an Active Directory domain is first set up, what does it contain?
A default user account, administrator, and several default user groups.
What is a Data Center?
A facility that stores hundreds, if not thousands, of servers
What is it called when you revert to the previous state?
A rollback.
What is vsftpd?
A simple FTP server that gets enabled by default when installed.
What is it called when one system in a redundant pair suffers a failure?
A single point of failure. This is because it only takes one failure now to completely take a system down.
What is a Test Environment?
A virtual machine running the same configuration as the production environment, but isn't actually serving any users of the service
Regarding Active Directory, what is ADAC?
Active Directory Administrative Center. A tool used for
What are two of the most popular directory services that use LDAP?
Active Directory and OpenLDAP.
What controls how many attempts someone gets to enter in their password before their account is locked in Active Directory?
Active Directory password policies.
In order for computers to take advantage of the essential authentication services of AD, they have to be joined or bound to what?
Active Directory.
What do hosts files allow you to do in networking?
Allows us to map IP addresses to host names manually. In Linux this is called /etc/hosts
What is lftp?
An FTP client program that allows us to connect to an FTP server.
There are two ways to run services, what are they?
On dedicated hardware, or on a virtualized instance on a server.
What are preventive measures?
Any procedures or systems in place that will proactively minimize the impact of a disaster.
If there's more than one person who can authenticate using the same username and password, then doing what becomes difficult or even impossible?
Auditing. To audit your infrastructure in this sense, means to analyze who performs specific actions in your IT infrastructure.
What is public cloud?
Cloud services provided to you by a third party.
Regarding LDAP entries, what does CN stand for?
Common Name of the object.
Each service has one or more __________ ______, that you as a sysadmin will use to determine how you want the service to behave.
Configuration files.
What is a reproduction case?
Creating a roadmap to retrace the steps that led the user to an unexpected outcome. Before you start fixing something, make sure you can recreate the error, as you'll want to make sure the problem is gone after you apply the fix.
What is the standard media for archival backup data storage?
Data tapes, these are a lot like cassette tapes because they use spools of magnetic tape run through machines that allow data to be written to and read back from the tape.
Should you perform differential or full backups more often?
Differential more frequently, and full backups infrequently.
Directory services provide something called AAA, what is that?
Directory services provide centralized Authentication, Authorization, and Accounting.
What service is responsible for granting or denying access to computers, file systems, and other IT resources?
Directory services.
Regarding LDAP entries, what does DC stand for?
Domain Component. So example.com would be split into "DC=example,DC=com"
In AD, the service that hosts copies of the Active Directory database is called what?
Domain Controllers, or DCs. These provide several services on the network. They host a replica of the active directory data and group policy objects. They also serve as DNS servers to provide name resolution and service discovery to clients. They provide central authentication. DCs get to decide when computers and users log onto the domain. They also get to decide whether or not they have access to shared resources like file systems and printers.
How would you modify configuration files to allow anonymous connections?
Edit the configuration file for this service, located at /etc/vsftpd.conf, to change the anonymous setting from no to yes.
1. sudo vim /etc/vsftpd.conf (this opens the config file)
2. Change anonymous_enable from NO to YES, then save the config file.
How often is a GPO checked and enforced?
Every few minutes.
Describe a troubleshooting process for a domain name that won't resolve.
First, check that your network connection is actually working. You can do a quick check by pinging Google (ping www.google.com). Next, to verify your DNS server is giving you a correct address, you can use nslookup. This gives us the name server of a host or domain name. Plug the returned IP into the URL bar. Next, check your hosts file to see if DNS is finding an address there before checking the local server. If this is the case, restart the browser after applying changes.
What are the different versions of Active Directory referred to as?
Functional Levels. An Active Directory domain has a functional level that describes the features that it supports.
What is the most important tool for creating and viewing group policy objects?
GPMC, or Group Policy Management Console. You can find this in the server management software or by running gpmc.msc from the command line.
How would you see the functional level of an Active Directory forest and domain?
Get-ADForest and Get-ADDomain
What Windows command can we use to get the status of a service?
Get-Service. Ex : Get-Service wuauserv - wuauserv is the shortcut for Windows update service
Regarding Active Directory, what are GPOs?
Group Policies. These are ways to manage the configuration of Windows machines.
What is a GPO?
Group Policy Object, or GPO, is a set of policies and preferences that can be applied to a group of objects in the directory. GPOs contain settings for computer and user accounts.
In Active Directory what is group scope?
Group scope has to do with the way that group definitions are replicated across domains.
What would a reload command look like for a service with updated config files?
sudo service vsftpd reload
What does IIS stand for? And what directory does it typically use? How can you add a website to an IIS server?
Internet Information Services. It typically uses the inetpub directory to serve websites. You can add a site by right-clicking on the list of websites and selecting the "Add Website" option. Then fill in the options you are presented with.
Regarding cloud services, what is autoscaling?
It allows the service to increase or reduce capacity as needed, while the service owner only pays for the cost of the machines that are in use at any given time.
What will a load balancer do if a server has failed?
It can detect that a server has failed and can reroute and balance network traffic across the remaining servers.
What does LDAP stand for?
Lightweight Directory Access Protocol.
What does the Get-Service command do?
Lists all services registered in the system. The same actions can also be performed graphically using the services management console.
What are load balancers?
Load balancers monitor and route network traffic flowing to and from a pool of physical or virtual servers. Load balancers can be hardware (e.g. load balancing routers) or software (e.g. Citrix ADV Virtual Platform). They distribute traffic evenly, or by customized rules, across multiple servers.
What does DNS do?
Maps human-understandable names to IP addresses.
What does ldapmodify do?
Modifies an existing object
What is a batch update?
Once, every month or so, you update all servers with the latest security patches. You have to find time to take their services offline, perform the update, and verify that the new update works with the service.
It turns out that everything you do in ADAC is actually done in what language?
PowerShell. You can open the Windows PowerShell History in the bottom corner to see the commands that are being run by ADAC.
What are printing languages? And what are two of the most common types?
Printing language describes images on a screen to a printing device, so the printed output matches what is on the screen. They are also called page description languages. Two of the most common are Printer Control Language and PostScript.
What are the pros and cons of on-site backup solutions?
Pros :
- The data is physically close, which makes access quicker
- Low bandwidth needs
Cons :
- Data loss due to damage at location (e.g. fire)
What are platform services?
Provide a platform for developers to code, build and manage software applications. This way developers don't have to deal with OS maintenance or other services that are needed to use for the platform tools.
What does the recordMyDesktop tool do?
Records the user's interactions with the GUI.
What does RAID stand for?
Redundant Array of Independent Disks. It is a method of taking multiple physical disks and combining them into one larger virtual disk.
On Windows, most of the service configuration files are stored in the ______?
Registry. This can be modified using graphical wizards or using the Set-Service command.
What does RBAC mean?
Role Based Access Control. If someone changes roles in the company all you have to do is change the group they are a part of, not the right that they have to directly access resources.
What are Security Groups in Active Directory?
Security Groups can contain user accounts, computer accounts, or other security groups. They're used to grant or deny access to IT resources. Ex : Domain Users and Domain Admins
What do databases allow us to do?
Store, query, filter, and manage large amounts of data.
What is TLS?
TLS, or Transport Layer Security, is the most popular way to keep communication secure over a network. It is widely used to keep web browsing secure, but can be used in a lot of other applications as well.
What does ldapadd do?
Takes the input of an LDIF file and adds the context of the files
Active Directory can interoperate with Linux, OS-X, and other non-Windows hosts using what protocol?
The LDAP protocol.
Regarding LDAP, when you use simple authentication you just need what?
The directory entry name and password, this is usually sent in plain text, meaning it's not secure at all.
What is System Administration?
The field in IT that's responsible for maintaining reliable computer systems in a multi-user environment.
Joining a computer to active directory means two things, what are they?
The first is that AD knows about the computer and has provisioned a computer account for it. The second is that the computer knows about the Active Directory domain and authenticates with it.
When resolving a domain name, where does the DNS check before reaching the local DNS servers?
The hosts file.
What is Production when talking about Infrastructure?
The parts of the infrastructure where a certain service is executed and served to its users
What is data recovery?
The process of trying to restore data after an unexpected event that results in data loss or corruption.
What GUI tool can you use to enable internet information services in Windows?
The server manager. You can access this by going to the control panel and selecting "Turn Windows Features On and Off".
What are Open IM Protocols?
These are widely used and integrated into different communication applications. One of the most popular communication protocols is XMPP.
What are restoration procedures?
These should be documented and accessible so that anyone with the right access can restore operations when needed.
When looking at a DHCP config file, what is the dhcp-range option at the bottom?
This is the range of IP addresses that the DHCP server can hand out. Depending on your specific setup, you may want to reserve some of the addresses in your network for machines that need to have a static address. Make sure you don't include the address of the DHCP server itself.
What is the Secondary or Stand-By Machine?
This machine will be exactly the same as a production machine, but won't receive any traffic from actual users until you enable it to do so
What is TFTP?
Trivial File Transfer Protocol. Requires no authentication or encryption. Any files stored here should not need to be secure. A popular use for these is to host installation files.
In real life, the DHCP server and DHCP client usually run on two _________ __________?
Two separate machines.
What does ldapdelete do?
Will remove the object that the LDIF file refers to.
When we say an LDAP entry, what are we referring to?
We're referring to the LDAP entry format or LDAP notation for records in the directory service. An LDAP entry is just a collection of information that's used to describe something. LDAP notation is used for entries in directory services to describe attributes using values.
When are computer accounts created in AD?
When computers are joined to the AD domain.
What is XMPP?
XMPP, or Extensible Messaging and Presence Protocol. It's an open-source protocol used in instant messaging applications and social networking services. It is even used in IoT applications, among other things.
If you're managing an organization's website on a server, how do you enable TLS on the server so that the site can be using HTTPS?
You need to get a digital certificate of trust from an entity called a Certificate Authority. This authority granting you a certificate means that it trusts that you control the web server, and verifies that you are who you say you are.
How do you view a DHCP configuration file?
cat dhcp.config
How would you assign a network to dnsmasq?
dnsmasq needs to be told where to look for DHCP and DNS requests. You can do so by setting the listen-address option to its LAN IP addresses (remember to include 127.0.0.1) or you can restrict the interface dnsmasq listens on using the interface option (add more lines for more than one interface).
How would you test the syntax of a DNS file when using dnsmasq?
dnsmasq --test
In general, the more users your service reaches, the more you'll want to...
ensure that changes aren't disruptive
How would you see how a DHCP interface looks?
ip address show eth_cli
Name 5 DNS servers
- BIND : often considered the standard conventional server
- PowerDNS : exclusively CLI, backed as it is stable and robust with strong community support
- Dnsmasq : mainly a DNS forwarder and a DHCP server managed via the CLI
- Unbound : recursive DNS resolver
- Erl-DNS
What is an intranet?
An internal network inside a company; accessible if you're on a company's network.
What is IT infrastructure?
Encompasses the software, the hardware, network, and services required for an organization to operate in an enterprise IT environment.
What is the EOL date?
End Of Life. That date is the point at which the vendor plans to end all support for the product and it is reclassified as a legacy product.
In Linux, what does the script command do? What is the Windows equivalent?
It can be used to record a group of commands as they're being issued, along with their output. The Windows equivalent is Start-Transcript.
What are the basic functionalities dnsmasq has enabled when you first install it?
It provides a cache for DNS queries. This means that you can make DNS requests to it, and it will remember the answer so your machine doesn't need to ask an external DNS server each time you make the query.
When viewing a DHCP config file, what does the bind-interfaces option mean?
It tells the DHCP server not to listen on any other interfaces for any kind of queries. Only the selected interface. This allows us to have more than one dnsmasq server running at the same time, each on its own interface.
When looking at a DHCP config file, what does the domain option do?
It tells the clients the network's domain name and will be used for querying host names.
What will dnsmasq reply with if you ask for something that doesn't exist?
NXDOMAIN, which means non-existent domain.
What is NTP?
Network Time Protocol. One of the oldest internet protocols in use today, it is used to keep the clocks synchronized on machines connected to a network.
Is it okay to be using administrator rights for tasks that don't require them?
No.
What are Server Operating Systems?
Regular operating systems that are optimized for server functionality. This includes functions like allowing more network connections or more RAM. Server OS are usually more secure and come with additional services already built in.
What does RMM stand for?
Remote Monitoring and Management. Used by IT professionals to remotely monitor and manage information systems.
What is SFTP?
Secure File Transfer Protocol. A secure version of FTP. During this process, data is sent through SSH and is encrypted.
Why would you have multiple DNS servers?
There are two main benefits of using a secondary DNS server : Redundancy and Resiliency. If the primary server fails or is compromised by an attack, prospective visitors can no longer access the desired domain.
In Windows, how do you start and stop a service?
These must be run as administrator :
Stop-Service wuauserv
Start-Service wuauserv
When looking at a DHCP config file, what do the two different DHCP options at the bottom do?
They are the additional information that will be transmitted to DHCP clients when the IP is assigned.
What is a use for a proxy server on an internal company network?
They can be used to monitor and log internal company network activity. They can be configured so certain websites are filtered from being accessed.
What does the Get-Service command do when piped to Format-List used with an asterisk?
This will show us what type of service it is and how it's configured to run. It's a good way to get additional information on a service you are interested in. Ex : Get-Service wuauserv | Format-List *
What command can we use on Linux to check to see if a service is running? NTP, for example.
We can check that there's an NTP daemon running on this machine using the service command : service ntp status
Regarding dnsmasq, how do we know that a query was actually answered by the service the machine is running?
We can run the service in debug mode so we get more information about what's going on behind the scenes. This isn't how you'd normally run the service, but it's useful for understanding what's happening.
How would you set up your own DNS server so you can map your internal computers to IP addresses? This way you can reference a computer by name instead of IP addresses.
We can use a local hosts file which contains static IP address to host name mappings. Not scalable. We can set up a local DNS server that contains all the organization's computer names mapped to their IP addresses. This is a more central storage location for this information. Then we change our network settings for all our computers to use this DNS server instead of the one given to us by our ISP. It can be integrated with a directory service which handles user and machine information in a central location. Once we set up DNS in our directory service, it will automatically populate with machine to IP address mappings.
In order for a service to re-read its configuration to see an update, it needs to do what?
We need to tell it to reload. Reloading means that the service re-reads the configuration without having to stop and start. That way ongoing connections aren't interrupted, but new connections will use the new configuration.
What is WinRM?
Windows Remote Management. Microsoft's implementation of WS-Management in Windows which allows systems to access or exchange management information across a common network.
When configuring a DHCP server to integrate with DNS, what information do you need?
You need the address of your local DNS servers, what gateway you should assign, and the subnet mask that gets used. Once you solve the DHCP server software, you have to configure the settings with this information.
How would you install dnsmasq in Linux?
You would run the command : sudo apt install dnsmasq Once installed it's immediately enabled with the most basic functionality.
Regarding dnsmasq, how would you check the functionality of the DNS cache in Linux?
You would use the dig command. This lets us query DNS servers and see their answers. Ex : dig www.example.com @localhost This asks the DNS server running in localhost for the address of the website. The part after the @ sign indicates which DNS server we want to use.
What Linux command do you run to create an OpenSSH connection?
ssh [username]@[server IP address]
What Linux command do you run to install the OpenSSH client on the machine you will be sending a connection from?
sudo apt-get install openssh-client
What Linux command do you run to install the OpenSSH Server on the computer you wish to connect to?
sudo apt-get install openssh-server The SSH Server is just a process that listens for incoming ssh connections
How would you manually modify the date of the system to a date in the past, in Linux?
sudo date -s "2017-01-01 00:00:00" - this will reset to the current date when the service is restarted
How would you tell dnsmasq to start listening for queries using a certain config file?
sudo dnsmasq -d -q -C dhcp.config
What are the components of a post-mortem?
- A brief summary - Detailed timeline of key events - Detailed analyses of the root cause - Detailed documentation of resolution and recovery efforts - List of specific actions that should be taken to avoid the same scenario from happening again
What are the four load balancing types?
- Application - Network - Classic - Gateway
Name three dedicated configuration management frameworks
- Chef - Puppet - SCCM These can all be used for simple or powerful configuration management.
What are the most important groups in Active Directory?
- Domain Admins : The administrators of the Active Directory domain. The admin account is the only member in a new domain.
- Enterprise Admins : Administrators of the Active Directory Domain. The admin account is the only member in a new domain.
- Domain Users : This is a group that contains every user account in the domain.
- Domain Computers : Contains all computers joined to the domain except domain controllers.
- Domain Controllers : Contains all the domain controllers in the domain.
Name other things that should be monitored to help head-off any unexpected disasters.
- Environmental sensors - Flood sensors - Temp & Humidity sensors - Smoke detectors & fire alarms - Evacuation procedures
What are some ways to perform regular backups?
- Full backup : The full unmodified contents of all files to be backed up are included, even files that haven't changed, which can be inefficient.
- Differential Backup : Only backs up files that have been modified or created since the last backup. You would still need a full backup just in case.
- Regular Incremental Backups : Only the data that's changed in files since the last incremental backup is backed up.
What is a good way to understand what to plan for when thinking about disasters?
- Perform a risk assessment - Determine backup and recovery systems - Determine detection & alert measures - Test systems to make sure they work - Determine recovery measures
What are the types of spam?
- Phishing Emails - Text Spam - Email Spoofing - Tech Support Scams - Call Spam or Robocalls
Regarding vendor life cycle, what are the three phases of Contract Delivery?
1. Performance management monitoring 2. Risk management 3. Vendor relationship management
Regarding vendor life cycle, what is the only phase of Post-Contract?
1. Vendor Offboarding
When looking for a reproduction case, there are three questions you will need to answer?
1. What steps did you take to get to this point?
2. What's the unexpected or bad result?
3. What's the expected result?
Remember, always do this in your test environment, not production.
Using PowerShell, how would you join a computer to a domain?
1st : Add-Computer -DomainName 'example.com' -Server 'dc1'
2nd : you will be prompted for credentials
That's it. By default this command won't automatically reboot the machine to complete the domain join. If you add the -Restart parameter, the computer will take care of that too.
What is a disaster recovery plan?
A collection of documented procedures and plans on how to react and handle an emergency or disaster scenario, from the operational perspective. This includes things that should be done before, during, and after a disaster.
What are Windows Workgroups?
A collection of standalone computers that work together. These are not centrally administered so they become harder and harder to manage as the size of the network grows.
What is rsync?
A command line utility that isn't explicitly a backup tool but is commonly used for this purpose. It is a file transfer utility that's designed to efficiently transfer and synchronize files between locations or computers. It supports compression and can use SSH to securely transfer data over a network. Using SSH it can also synchronize remote machines.
There's one level of hierarchy above a domain that we don't see in this tool, and that's what?
A forest. If you look at the logical shape of a domain, it looks like a tree, so the name even makes sense. A forest contains one or more domains. Accounts can share resources between domains in the same forest.
Regarding cloud services, what are regions?
A geographical location containing a number of data centers. Each of these data centers is called a zone. Each zone is independent of one another. This provides redundancy.
What is the Windows Registry?
A hierarchical database of settings that Windows, and many Windows applications, use for storing configuration data.
What does a directory server provide?
A lookup service for an organization.
With certain exceptions, AD doesn't store the user's password. Instead, it stores a?
A one-way cryptographic hash of the password.
What is FAT32?
A popular file system that is compatible with Windows, Linux, and macOS. But it has severe limitations on the amount of data you can store on a volume.
What is a post-mortem?
A post-mortem is a way for you to document any problems you discovered along the way, and most importantly, the ways you fixed them so you can make sure they don't happen again.
What is Active Directory?
Active Directory is a feature of Windows Server OS and it contains User Accounts, Objects/Host Names, Group Policies and Domain Services. For example, Active Directory will have information about a user login credentials. In addition, it can contain group policy that will apply different permissions to user accounts that belong to specific groups within organization; within a domain.
What is a proxy server?
Acts as an intermediary between a company's network and the internet. They receive network traffic and relay that information to the company network. This way company network traffic is kept private from the internet, the internet gets trafficked through a proxy server, but it doesn't know where it originally came from. It only knows the proxy.
In AD, what are Enterprise Admins?
Administrators of an Active Directory Domain. They also have a permission to make changes to the domain that affect other domains in multi-domain forest. The admin account is the only member in a new domain.
When would we create a post-mortem?
After an incident, an outage, or some event when something goes wrong, or at the end of a project to analyze how it went.
Because dnsmasq also has DNS capabilities as well as DHCP, this means it will provide an __________ ___________ for local queries?
An authoritative answer.
What is TimeMachine?
Apple's first party backup solution for Mac OSs. It operates using an incremental backup model, it supports restoring an entire system from backup, or individual files.
Once you've tested your changes in the Test Environment and are ready to deploy them to production, what is the correct process to do so?
Apply the changes to the secondary machine, once the changes have been applied make the standby machine the primary machine, and then apply the changes to the other machine. Always try changes in the Test Environment first. Always.
In Active Directory ordinary containers can't contain other containers, but _____ can contain other ______ ?
But OUs can contain other OUs (Organizational Units)
In Linux, a common print server that's usually pre-installed on machines is called?
CUPS, or Common Unix Printing System. CUPS allows you to easily manage printers from a simple web URL.
Aside from centralizing users and the resources they have access to, what else can you centralize with directory services?
Configuration management. By centralizing the config management of your computers and software, you can create rules about how things should work in your organization.
What is a directory server?
Contains a lookup service that provides mapping between network resources and their network addresses
What is a DNSBL?
DNS Black List. These lists contain the IP addresses of mail servers that were reported to send spam or junk mail (or for having improperly configured DNS records).
What else are background processes known as?
Daemons, or just services. This means that the program doesn't need to interact with a user through the GUI or the CLI to provide the necessary service.
Regarding LDAP entries, what does dn mean?
Distinguished name. A unique entry name denoted by dn, then followed with attributes of that entry.
What is FTP?
File Transfer Protocol. A legacy way to transfer files from one computer to another over the internet. It is still in use today but is not a very secure way to transfer data because it doesn't handle data encryption.
What are file storage services?
File storage services allow us to centrally store files and manage access between files and groups. You can set up a file storage server that will let users access a shared directory to modify or add files and much, much more.
Using the GUI, how would you join a computer to a domain?
First, click computer, then system properties. Click change settings and then change in the popup window. In the computer name/domain changes window, you can see the computer can either be a member of the domain or workgroup, but not both at the same time. You then select domain and type in the name of the domain. When you click OK the computer will reach out on the network to find the domain controller for the AD domain. You will then be asked for a username and password to be authorized to join the domain.
Why do you need to set up your own DNS servers if DNS works out of the box?
First, if you are running a web service you want to be able to tell the internet what IP address to reach your website at. To do that you need to set up DNS. Second, you probably want to work on your server or user machines remotely. To do that you need DNS to map the IP address to the host name.
What are the two ways to point a domain name to where the web content is?
First, most domain registrars can provide you with DNS settings and you can give the IP address of where your content is stored. Second, you have to set up an Authoritative DNS server for your website. This is the server that knows exactly what the IP address is for the domain name.
How do you enable server manager in Windows 11?
First, open settings, then go to apps. Next, click on optional features then view features, search for service manager and Add RSAT:Server Manager. It is only available for Enterprise and Business versions.
How does DNS get set up for a website?
First, we need a domain name. Next, we want to point our website files to this domain name. Our files can be stored on a cloud hosting provider or we can decide to control this ourselves and store it on our own servers. Then we need to point our domain name to where our web content is located.
What is disaster recovery testing?
Going through your restoration procedures and making sure they still work and that your backups are valid.
What is IMAP?
IMAP, or Internet Message Access Protocol, allows you to download emails from your email server onto multiple devices. It keeps your messages on the email server.
What is Internet Relay Chat?
IRC, or Internet Relay Chat, is a protocol that's used for chat messages. IRC operates in a client-server model, so lots of IRC client software can be used to connect to an IRC server. It is a free alternative to other chat applications.
How can user accounts be locked by Active Directory?
If someone enters a wrong password for that account too many times. Once an account is locked, nobody can authenticate with the account until the account is unlocked by an administrator.
What are a few reasons you might want to use POP3 to get your email?
If you need to keep your email storage under a certain quota, this is a good way to maintain that storage limitation. Another benefit is privacy: your email can only be seen from your local device.
Why is replication important?
It provides redundancy by having multiple servers available simultaneously. It also decreases latency when you access the directory service.
What is Kerberos?
Kerberos is a network authentication protocol that's used to authenticate user identity, secure the transfer of user credentials, and more.
Domain controllers provide central authentication through a network security protocol called ?
Kerberos.
When we need to describe the full path of an object in AD, we'll often use what notation?
LDAP notation.
What is LDAP?
LDAP, or Lightweight Directory Access Protocol. This is used to access information in directory services over a network.
The last value in the DHCP range line is the length of the ?
Lease time for the IP address. Ex : 12h would mean 12 hours and once an address is assigned to a machine, it will be reserved for that machine for those 12 hours.
Since a domain can control the configuration of all the computers that are bound to it, domain admins can become ______ ________ of all of those machines too.
Local Administrators. This is a huge amount of power and responsibility. So don't add accounts to this group lightly.
If you have a large fleet of machines, is it better etiquette to use a local or public NTP server?
Local. It is better to have your own server. Another good practice is to run your own NTP server, then have that point to a public NTP server. This makes it so that you don't connect all your clients to a public NTP server and you don't have to measure time synchronization.
What is operational documentation?
Make sure that every important operational procedure is documented and accessible. This includes things like setting up & configuring critical systems and infrastructure. Any steps, or specific configuration details that are needed to restore 100% functionality to core systems and services should be documented in detail. It is also important for this documentation to be kept up to date. Periodically verify that the steps work.
What are detection measures?
Meant to alert you and your team that a disaster has occurred that can impact operations.
What is Microsoft's first party backup solution?
Microsoft Backup and Restore. This has two modes of operation : - File based : files are backed up to a zip archive. This supports either incremental or complete backups. - System image : the entire disk is saved block by block to a file. This supports differential mode, only backing up blocks on the disk that have changed since the last backup.
What is NAS?
NAS, or Network Attached Storage, are computers optimized for file storage. They usually come with an operating system that's stripped down in order just to serve files over a network. They have a lot of storage space.
What is NFS? What's the easiest way to set up a server?
NFS, or Network File System, is a protocol that enables files to be shared over a network. While it works with all major OSs, there are still interoperability issues with Windows. The easiest way to set up an NFS server is by using a Linux environment. You can install NFS server software, then modify the configuration files for the directories that you want to allow shared access to. Once you do that, the NFS service will be running in the background on the server.
Can all data types be compressed by compression algorithms?
No, which means that space savings from compression will depend on what you are backing up.
What is a quick overview of what happens when a DHCP and DNS server integrate?
Once you turn on your DHCP server and your clients are set to receive DHCP addresses instead of static IP addresses, you should have working DHCP settings. In the DHCP configuration settings, we can specify a DNS server location. The two servers then sync up and when DHCP leases out new addresses, DNS updates IP addresses automatically.
When would an Enterprise Administrator account be used in AD?
Only on very rare occasions, such as the Active Directory Forest being upgraded to a new version.
PuTTY in Windows is similar to which Linux tool?
OpenSSH. SSH.
Regarding LDAP entries, what does OU stand for?
Organizational Unit, such as a group.
Regarding directory services, what are the hierarchal containers called?
Organizational Units. OUs. They can contain objects or more organizational units.
What is POP3?
POP3, or Post Office Protocol Version 3, is an email protocol that downloads email from an email server onto your local device and then deletes the email from the email server. If you want to retrieve your email from POP3, you can only view it from one device.
What is PXE?
PXE, Preboot eXecution Environment. This allows you to boot into software that's available on the network. A common use case, for an organization that wants to install software over a network, is to keep operating system installation files on a TFTP server. That way, when you perform a network boot you will automatically be launched into the installer.
One of the key advantages of central authentication is that it simplifies the management of what?
Passwords. Once a user changes their password in Active Directory, that change is effective on every machine that they're permitted to log onto.
How do you set up a public NTP server?
Public NTP servers are managed by other organizations that your client machines connect to in order to get synchronized time.
It's common for most DCs in the AD network to be the ______-______ replicas?
Read-write. This means that each has a complete copy of the AD database and is able to make changes to it. Those changes are then replicated to all other copies of the database on other DCs. Replication is usually quick and the last change usually wins in almost all cases.
What are the required components to set up a mail server? And what are some additional ones you may want to add?
Required : - Mail Transfer Agent - Mail Delivery Agent - IMAP and/or POP3 server Additional : - Spam Filter - Antivirus - Webmail
What is SAM when creating a new user in AD?
SAM, or Security Account Manager, is a database in Windows that stores user names and passwords. This is where SamAccountName comes from when creating a new user.
Regarding LDAP, what is SASL authentication?
SASL, or Simple Authentication and Security Layer. This method can employ the help of security protocols like TLS and Kerberos. SASL authentication requires the client and the directory server to authenticate using some method. One of the most common methods for this is using Kerberos.
Regarding Samba, what is SMB?
SMB, or Server Message Block, is a protocol that Samba implements. It is a network file sharing protocol that allows applications on a computer to read and write to files and to request services from server programs in a computer network. Fun fact : when you create a Windows shared folder it uses the SMB protocol.
What is SMTP?
SMTP, or Simple Mail Transfer Protocol, is used for sending emails. This is really the only protocol for sending email.
What is SSL?
SSL, or Secure Socket Layer protocol, is a way of securing communication between a web server and client, but it's pretty old and insecure. Therefore, it's been deprecated in favor of TLS.
If your fleet consists of mostly Windows machines, what would you want to take a look at instead of NFS?
Samba. This is a software suite whose services are similar to NFS. All OSs can use it and you can centrally share and manage file services. The only reason you'd consider this over NFS is because it works better with Windows OSs.
Aside from GPOs, what are two other tools you can use to make Group Policies apply more selectively?
Security filtering and WMI filters.
Lots of systems that support redundant power supplies also have a function to do what?
Send alerts on power loss events so they can be gracefully shut down before they completely lose power.
What are service vendors?
Service vendors are often businesses that offer specialized services, products, and/or skilled labor to other businesses.
What are software services?
Services that employees use that allow them to do their daily job functions. Ex : Word Processors, Email Clients, etc.
Regarding GPOs, what are policies specifically?
Settings that are reapplied every few minutes, and aren't meant to be changed even by the local administrators. By default they are reapplied on the machine every 90 minutes.
Regarding GPOs, what are group policy preferences specifically?
Settings that, in many cases, are meant to be a template for settings. But someone can change these and they won't be overwritten.
What is the next step after writing a post-mortem report?
Share the report with other people on your team and/or other teams.
Regarding DCs in AD, what is FSMO?
Some changes to the AD database can only be safely made by one DC at a time. We task those changes to a single domain controller by granting it an FSMO, or a FLEXIBLE SINGLE-MASTER OPERATIONS role.
How would you direct the output of Start-Transcript to a file?
Start-Transcript -Path C:\Transcript.txt When you want to stop recording you need to call Stop-Transcript.
If an IP address lease expires without the client renewing it, what can happen?
The address can be assigned to a different machine.
There are two categories of group in Active Directory, what are they?
The most common one is called a Security Group. The other type of group is called a distribution group. A distribution group is only designed to group accounts and contacts for email communication.
The ideal enterprise quality directory server should support replication, what is replication?
The stored directory data can be copied and distributed across a number of physically distributed servers, but still appear as one, unified datastore for querying and administrating.
If you used an email service provider, such as Google Suite, how would it work?
These service providers allow you to create email inboxes and more by paying a monthly fee for every user in your organization. This ties you into the Gmail web mail client and allows you to access your email from anywhere, as long as you're connected to the internet.
What are directory services?
They are useful for organizing data and making it searchable for an organization. This is achieved through a hierarchal model of objects and containers.
If a person has used the NTFS encrypting file system or EFS feature to encrypt files, what may happen to those files if the person's password is reset?
They can lose access to those files.
GPOs don't do anything until what happens?
They're linked to domains, sites, or OUs. When you link a GPO, all of the computers or users under that domain, site, or OU will have that policy applied. A GPO can contain computer configuration, user configuration, or both.
Regarding LDAP, what is the bind operation?
This authenticates clients to the directory server.
Pros and Cons of off-site backups?
This involves making backups of critical data, then sending that data off-site. Pros : - Data is safer in multiple locations Cons : - Needs security and encryption - Needs large amounts of bandwidth
What is a risk assessment?
This involves taking a long, hard look at the operations and characteristics of your teams. It allows you to prioritize certain aspects of the organizations that are more at risk if there's an unforeseen event. Pay attention to systems that lack redundancy.
What will the command script session.log do?
This will write the contents of your session to the session.log file. When you want to stop recording, you can write exit or press CTRL-D. The generated file will be in ANSI format which includes the colors that were displayed on the screen. In order to read them, you can use commands like ansi2txt or ansi2html to convert it to plain text or HTML, respectively.
What are corrective or recovery measures?
Those enacted after a disaster has occurred. Things like restoring lost data from backups or rebuilding and configuring systems that were damaged.
How can you interact with LDAP?
Through the command line (admin) or PHP LDAP admin (Web Interface).
What is one approach that balances cost with convenience when it comes to data storage and backup solutions?
To archive older data using a slower but cheaper storage mechanism. This data is for long term storage and isn't likely to be needed. If it is needed, some delay in getting the data isn't a concern.
In Active Directory, what is one reason you might create a distribution group?
To create an email list that includes people from outside your domain.
What is the best way to prepare for a data-loss event?
To have a well-thought-out disaster plan and procedure in place. Disaster plans should involve making regular backups of any and all critical data that's necessary for your ongoing business processes.
What is the purpose of a post-mortem?
To learn something from an event or project, not to punish anyone or highlight mistakes.
When using dnsmasq, how would you edit the DNS config file?
To make any changes to the default settings you'll need to open the configuration file at /etc/dnsmasq.conf with a text editor. Inside will be well commented and explained options.
What is the expense of compressing data in a backup?
To recover the data, it must be decompressed, depending on the size of your backups this could take a lot of time and disk space to expand.
There are two ways to set up email for a company, what are they?
To run your own managed server or use an email service provider, like Google Suite.
If uptime and availability are important to your organization, you'll likely have two of which kind of connection?
Two internet connections, a primary and a secondary. You'll want to monitor the connection status of both of these links. Ideally, they should be configured to automatically fail over if one goes down. But, you'll still want to be alerted when this happens so you can investigate what happened and fix it.
Aside from using dnsmasq as a querying DNS server, what else can we do with it regarding host names and IP addresses?
We can give it a list of host names and IP addresses and have this service give authoritative answers for them. You just need a txt file that lists which IP is associated with each host. We use the -H parameter to tell dnsmasq that we want to include this list in the information being served. Ex: sudo dnsmasq -d -q -H myhosts (myhosts is a text file with IPs and hosts)
What is one thing that often gets overlooked in post-mortems?
What went well. This is just as important as analyzing what went wrong. These include fail safe or failover systems that worked as designed and prevented or minimized a large outage. These are good examples to show why the systems are worth the cost they require.
How do domain joined computers actually get the GPOs?
When a domain joined computer or user signs into the domain by contacting a domain controller, that domain controller gives the computer a list of Group Policies that it should apply. The computer then downloads those policies from a special folder called SYSVOL that's exported as a network share from every domain controller. This folder is replicated between all of the domain controllers and can also contain things like log-in and log-off scripts. Once downloaded they are applied to the computer.
When is computer configuration applied in Active Directory?
When the computer signs into Active Directory. This will happen each time the computer boots into Windows, unless it's disconnected from the network at the time it's booted up.
Services are usually configured to start when ...
When the machine boots, so that if there's a power outage or a similar event that causes the machine to reboot, you won't need a sysadmin to manually start the service.
Domain admin accounts should only be used when?
When you are deliberately making changes to Active Directory. Your normal user account should be very much like other user accounts in the domain.
What is private cloud?
When your company owns the services and the rest of your infrastructure - whether on-site or in a remote data center.
Many policies and preferences in GPOs are represented as values in the what?
Windows Registry. GPOs are applied by making changes to the Registry.
What is different about using IaaS vs SaaS for cloud?
With IaaS, you are hosting your own services in the cloud. You need to decide how you want the infrastructure to look, depending on what you want to run on it. SaaS comes as pre-configured software with few customization options.
What are some operations you can use in LDAP?
You can add a new entry in the directory server database, like creating a new user object. You can delete or modify entries and much, much more. The bind operation.
When managing IT infrastructure, and you want to connect a computer on a network, you have two options when it comes to IPs, what are they?
You can grant it a static IP address or give it a DHCP assigned IP address. When you use static IPs you must keep track of every IP address you assigned a computer, and manually enter it in the network settings. If you enable DHCP, your computers will be leased an IP address from a DHCP server. This is a DHCPOFFER.
How do you set up a local NTP server?
You can install NTP server software on your managed server, then you install NTP clients on your machines and tell those computers which NTP servers to sync their time to.
In AD what is delegation?
You can set up ACLs on Active Directory Objects. For example, if there are some admin tasks you need to perform a lot, but you don't need broad access to make changes to AD, then you would use delegation.
How do you set up a print server?
You have to install a print service on a server. Most server OSs already come with a printer service readily available. With the print service set up, you need to add the printer to the client machine.
For each client that wants to access an NFS, how would you set that up?
You just mount the file system the way you would any other file system. Except, you'd use the host name instead of a physical disk device. From there, you can access the shared directory like you would any other folder in a computer.
How would you run your own email server?
You set up the email server software on a server, then you create a DNS record for your mail server. You then have to make sure it actually works, protect the email addresses from spam, filter out viruses, and more. This can be one of the most complicated servers to set up.
In large enterprise deployments, you probably have different programs serving each of the networking services. In smaller setups, you may be better off having a centralized solution that handles all services. What program would you use for this?
dnsmasq. This is a program that provides DNS, DHCP, TFTP, and PXE services in a simple package. This will let us do some hands on configuration of these services, even if it's not as complex as other networking solutions.
As an IT specialist, when an unexpected event occurs, your main objective is to _________ _________ __________ as soon as possible, while minimizing the disruption to business functions.
resume normal operations.
How would you run a DHCP client on a terminal?
sudo dhclient -i eth_cli -v dhclient is a very common DHCP client on Linux. We are telling it to run on the eth_cli interface and we are using the -v flag to see the full output of what's happening.
How would you run dnsmasq in debug mode in Linux?
sudo dnsmasq -d -q By passing d and q we are telling dnsmasq that we want to run it in debug mode and that we want it to log the queries that we execute. We will see the debug output in the dnsmasq console.
What command would you use on Linux to restart a service? NTP, for example.
sudo service ntp restart
What command can we use on Linux to stop a service? What about to start? NTP, for example.
sudo service ntp stop and sudo service ntp start. Any user can check the status of a service, but only an administrator can start or stop one.
In general, the more important your service is to your company's operations, the more you'll ...
work to keep the services up
