Finding Encrypted Files

Get Fast Access to System Settings
Finding Encrypted Files

Unless you use a command-line utility like Cipher.exe, it's difficult to see at a glance which files are encrypted

and which is not. Right-clicking each file and then choosing Properties, General, Advanced (followed by Cancel,

Cancel) is tedious.

• Open a folder containing the encrypted files.
• On the View menu, choose Details, and then select Attributes. Encrypted files show a letter E in the Attributes

column. You can also set an option so that the names of encrypted files appear in a different color from other file

names.
• On the Tools menu, choose Folder Options, click the View tab, and select Show Encrypted or Compressed NTFS Files

in Color.

Protect Your Files during a Power Outage

If the power goes out while your computer is on standby, you lose whatever is in memory. If you have any unsaved

documents, for example, they're gone. With an uninterruptible power supply (UPS), however, you can prevent data

loss during blackouts.

Although the blackout might last longer than the battery run time provided by the UPS, you can prevent loss, even

if your computer happens to be on standby and you're away when the power goes out.
• Enable hibernation. (Click Start, clicks Control Panel, clicks Performance and Maintenance, and then clicks Power

Options. On the Hibernate tab, select Enable Hibernate Support.
• Specify a time for the computer to switch to hibernation. This should be less than the battery run time. (On the

Power Schemes tab, set a time for System Hibernate under Running On Batteries.)

List of important port numbers

List of important port numbers

15        -        Netstat

21        -        FTP

23        -        Telnet

25        -        SMTP

42        -        WINS

53        -        DNS

67        -        Bootp

68        -        DHCP

80        -        HTTP

88        -        Kerberos

101      -        HOSTNAME

110      -        POP3

119      -        NNTP

123     -        NTP     (Network time protocol)

139      -        NetBIOS

161      -        SNMP

180      -        RIS

389      -        LDAP (Lightweight Directory Access Protocol)

443      -        HTTPS (HTTP over SSL/TLS)

520      -        RIP

79        -        FINGER

37       -        Time

3389    -       Terminal services

443     -        SSL (https) (http protocol over TLS/SSL)

220      -        IMAP3

3268    -        AD Global Catalog

3269    -        AD Global Catalog over SSL            

500     -       Internet Key Exchange, IKE (IPSec) (UDP 500)

Abbrevations

UNC               Universal Naming Convention

\\servername\shared name (It is used to access the shared folder)

MAC              Media Access Control

PDC                Primary Domain Controllers

BDC               Backup Domain Controllers

SMP                Symmetric Multi Processors

AMP               Asymmetric Multi Processing

EFS                 Encrypted File System

FAT                File Allocation Table

HCL               Hardware Compatibility List

IIS                   Internet Information Service

LSA                Local Security Authority

MMC              Microsoft Management Console

OU                  Organizational Unit

RAS                Remote Access Service

RDP                Remote Desktop Protocol (used for Terminal Services)

RRAS             Routing and Remote Access Service

SID                 Security Identifier

WINS             Windows Internet Name Service

GUID             Globally Unique identifier

IAS                 Internet Authentication Service

UPN                User Principle Name (Username@domainname.com)

BIOS               Basic Input Output System

Net BIOS        Network Basic Input/Output System

ARP                Address Resolution Protocol

DVD               Digital Video Disk

GPO               Group Policy Object (LGPO Local Group Policy Object)

IPsec               Internet Protocol Security

ISP                  Internet Service Provider

NAT               Network Address Translation

MBT               Master Boot Record

USB                Universal Serial Bus

POST              Power On Self Test

SCSI               Small Computer System Interface

SMTP             Simple Mail Transfer Protocol

URL               Uniform Resource Locator

RAID              Redundant Array of Independent Disk

IDE                 Intelligent drive Electronics or Integrated Drive Electronics

FQDN             Fully Qualified Domain Name (full computer name) [computername.domainname.com]

OSPF              Open Shortest Path First       (these two are routing protocols)

RIP                 Routing Information Protocol

POP3              Post Office Protocol   (used to receive the mails)

SMTP             Simple Mail Transfer Protocol            (Used to send the mails)

SMPS             Switch Mode Power Supply

PING              Packet Internet Groper

VNC               Virtual Network Computing

EULA             End User License Agreement

CAL               Client Access License

TSCAL          Terminal Services Client Access License

UPS                Uninterruptible Power Supply

BIND              Berkeley Internet Name Domain

PXE                Pre boot eXecutable Environment

UDF                Uniqueness Database file

LDAP             Light weight Directory Access Protocol

ISDN              Integrated Services Digital Network

VLSM                        Variable Length Subnet Mask

CIDR              Classless Inter Domain Routing

IGMP             Internet Group Management Protocol

FSMO             Flexible Single Master Operations     

APIPA            Automatic IP addressing

NetBEUI        Net Bios Enhanced User Interface

UDP                User Datagram Protocol

FTP                File Transfer Protocol

Mbps              Mega bits per second

Ntds.dit           Nt directory services.directory information tree.

ICMP             Internet Control message Protocol

IGMP             Internet group Management Protocol

NNTP                         Network News Transfer Protocol

RADIUS        Remote Authentication Dial In User service

SNMP             Simple Network Management protocol

VPN                Virtual Private Network

L2TP              Layer2 Tunneling Protocol

PPTP              Point to Point Tunneling Protocol

ADSI              Active Directory Service Interfaces

SUS                 Software Update Service

SMS                System Management Service

WUS               Windows Update service

TFTP              Trivial File Transfer Protocol

TCP / IP Reference Page

Protocols according to layers

Data Link Layer
Network Layer
Transport Layer
Session Layer
Application Layer
Routing
Tunneling
Security 

The Defense Advance Research Projects Agency (DARPA) originally developed Transmission Control Protocol/Internet Protocol (TCP/IP) to interconnect various defense department computer networks. The Internet, an international Wide Area Network, uses TCP/IP to connect government and educational institutions across the world. TCP/IP is also in widespread use on commercial and private networks. The TCP/IP suite includes the following protocols

Data Link Layer
ARP/RARP	Address Resolution Protocol/Reverse Address
DCAP	Data Link Switching Client Access Protocol
Network Layer
DHCP	Dynamic Host Configuration Protocol
DVMRP	Distance Vector Multicast Routing Protocol
ICMP/ICMPv6	Internet Control Message Protocol
IGMP	Internet Group Management Protocol
IP	Internet Protocol version 4
IPv6	Internet Protocol version 6
MARS	Multicast Address Resolution Server
PIM	Protocol Independent Multicast-Sparse Mode (PIM-SM)
RIP2	Routing Information Protocol
RIPng for IPv6	Routing Information Protocol for IPv6
RSVP	Resource ReSerVation setup Protocol
VRRP	Virtual Router Redundancy Protocol
Transport Layer
ISTP
Mobile IP	Mobile IP Protocol
RUDP	Reliable UDP
TALI	Transport Adapter Layer Interface
TCP	Transmission Control Protocol
UDP	User Datagram Protocol
Van Jacobson	compressed TCP
XOT	X.25 over TCP
Session Layer
BGMP	Border Gateway Multicast Protocol
Diameter
DIS	Distributed Interactive Simulation
DNS	Domain Name Service
ISAKMP/IKE	Internet Security Association and Key Management Protocol and Internet Key Exchange Protocol
iSCSI	Small Computer Systems Interface
LDAP	Lightweight Directory Access Protocol
MZAP	Multicast-Scope Zone Announcement Protocol
NetBIOS/IP	NetBIOS/IP for TCP/IP Environment
Application Layer
COPS	Common Open Policy Service
FANP	Flow Attribute Notification Protocol
Finger	User Information Protocol
FTP	File Transfer Protocol
HTTP	Hypertext Transfer Protocol
IMAP4	Internet Message Access Protocol rev 4
IMPPpre/IMPPmes	Instant Messaging and Presence Protocols
IPDC	IP Device Control
IRC	·Internet Relay Chat Protocol
ISAKMP	Internet Message Access Protocol version 4rev1
ISP
NTP	Network Time Protocol
POP3	Post Office Protocol version 3
Radius	Remote Authentication Dial In User Service
RLOGIN	Remote Login
RTSP	Real-time Streaming Protocol
SCTP	Stream Control Transmision Protocol
S-HTTP	Secure Hypertext Transfer Protocol
SLP	Service Location Protocol
SMTP	Simple Mail Transfer Protocol
SNMP	Simple Network Management Protocol
SOCKS	Socket Secure (Server)
TACACS+	Terminal Access Controller Access Control System
TELNET	TCP/IP Terminal Emulation Protocol
TFTP	Trivial File Transfer Protocol
WCCP	Web Cache Coordination Protocol
X-Window	X Window
Routing
BGP-4	Border Gateway Protocol
EGP	Exterior Gateway Protocol
EIGRP	Enhanced Interior Gateway Routing Protocol
HSRP	Cisco Hot Standby Router Protocol
IGRP	Interior Gateway Routing
NARP	NBMA Address Resolution Protocol
NHRP	Next Hop Resolution Protocol
OSPF	Open Shortest Path First
TRIP	Telephony Routing over IP
Tunneling
ATMP	Ascend Tunnel Management Protocol
L2F	The Layer 2 Forwarding Protocol
L2TP	Layer 2 Tunneling Protocol
PPTP	Point to Point Tunneling Protocol
Security
AH	Authentication Header
ESP	Encapsulating Security Payload
TLS	Transport Layer Security Protocol

 

Windows Server 2003 interview and certification questions

1. How do you double-boot a Win 2003 server box? The Boot.ini file is set as read-only, system, and hidden to prevent unwanted editing. To change the Boot.ini timeout and default settings, use the System option in Control Panel from the Advanced tab and select Startup.
2. What do you do if earlier application doesn’t run on Windows Server 2003? When an application that ran on an earlier legacy version of Windows cannot be loaded during the setup function or if it later malfunctions, you must run the compatibility mode function. This is accomplished by right-clicking the application or setup program and selecting Properties –> Compatibility –> selecting the previously supported operating system.
3.  If you uninstall Windows Server 2003, which operating systems can you revert to? Win ME, Win 98, 2000, XP. Note, however, that you cannot upgrade from ME and 98 to Windows Server 2003.
4. How do you get to Internet Firewall settings? Start –> Control Panel –> Network and Internet Connections –> Network Connections.
5. What are the Windows Server 2003 keyboard shortcuts? Winkey opens or closes the Start menu. Winkey + BREAK displays the System Properties dialog box. Winkey + TAB moves the focus to the next application in the taskbar. Winkey + SHIFT + TAB moves the focus to the previous application in the taskbar. Winkey + B moves the focus to the notification area. Winkey + D shows the desktop. Winkey + E opens Windows Explorer showing My Computer. Winkey + F opens the Search panel. Winkey + CTRL + F opens the Search panel with Search for Computers module selected. Winkey + F1 opens Help. Winkey + M minimizes all. Winkey + SHIFT+ M undoes minimization. Winkey + R opens Run dialog. Winkey + U opens the Utility Manager. Winkey + L locks the computer.
6. What is Active Directory? Active Directory is a network-based object store and service that locates and manages resources, and makes these resources available to authorized users and groups. An underlying principle of the Active Directory is that everything is considered an object—people, servers, workstations, printers, documents, and devices. Each object has certain attributes and its own security access control list (ACL).
7. Where are the Windows NT Primary Domain Controller (PDC) and its Backup Domain Controller (BDC) in Server 2003? The Active Directory replaces them. Now all domain controllers share a multimaster peer-to-peer read and write relationship that hosts copies of the Active Directory.
8. How long does it take for security changes to be replicated among the domain controllers? Security-related modifications are replicated within a site immediately. These changes include account and individual user lockout policies, changes to password policies, changes to computer account passwords, and modifications to the Local Security Authority (LSA).
9. What’s new in Windows Server 2003 regarding the DNS management? When DC promotion occurs with an existing forest, the Active Directory Installation Wizard contacts an existing DC to update the directory and replicate from the DC the required portions of the directory. If the wizard fails to locate a DC, it performs debugging and reports what caused the failure and how to fix the problem. In order to be located on a network, every DC must register in DNS DC locator DNS records. The Active Directory Installation Wizard verifies a proper configuration of the DNS infrastructure. All DNS configuration debugging and reporting activity is done with the Active Directory Installation Wizard.
10. When should you create a forest? Organizations that operate on radically different bases may require separate trees with distinct namespaces. Unique trade or brand names often give rise to separate DNS identities. Organizations merge or are acquired and naming continuity is desired. Organizations form partnerships and joint ventures. While access to common resources is desired, a separately defined tree can enforce more direct administrative and security restrictions.
11. How can you authenticate between forests? Four types of authentication are used across forests: (1) Kerberos and NTLM network logon for remote access to a server in another forest; (2) Kerberos and NTLM interactive logon for physical logon outside the user’s home forest; (3) Kerberos delegation to N-tier application in another forest; and (4) user principal name (UPN) credentials.
12. What snap-in administrative tools are available for Active Directory? Active Directory Domains and Trusts Manager, Active Directory Sites and Services Manager, Active Directory Users and Group Manager, Active Directory Replication (optional, available from the Resource Kit), Active Directory Schema Manager (optional, available from adminpak)
13. What types of classes exist in Windows Server 2003 Active Directory? 
    • Structural class. The structural class is important to the system administrator in that it is the only type from which new Active Directory objects are created. Structural classes are developed from either the modification of an existing structural type or the use of one or more abstract classes.
    • Abstract class. Abstract classes are so named because they take the form of templates that actually create other templates (abstracts) and structural and auxiliary classes. Think of abstract classes as frameworks for the defining objects.
    • Auxiliary class. The auxiliary class is a list of attributes. Rather than apply numerous attributes when creating a structural class, it provides a streamlined alternative by applying a combination of attributes with a single include action.
    • 88 class. The 88 class includes object classes defined prior to 1993, when the 1988 X.500 specification was adopted. This type does not use the structural, abstract, and auxiliary definitions, nor is it in common use for the development of objects in Windows Server 2003 environments.
14. How do you delete a lingering object? Windows Server 2003 provides a command called Repadmin that provides the ability to delete lingering objects in the Active Directory. 
15. What is Global Catalog? The Global Catalog authenticates network user logons and fields inquiries about objects across a forest or tree. Every domain has at least one GC that is hosted on a domain controller. In Windows 2000, there was typically one GC on every site in order to prevent user logon failures across the network.
16. How is user account security established in Windows Server 2003? When an account is created, it is given a unique access number known as a security identifier (SID). Every group to which the user belongs has an associated SID. The user and related group SIDs together form the user account’s security token, which determines access levels to objects throughout the system and network. SIDs from the security token are mapped to the access control list (ACL) of any object the user attempts to access.
17. If I delete a user and then create a new account with the same username and password, would the SID and permissions stay the same? No. If you delete a user account and attempt to recreate it with the same user name and password, the SID will be different. 
18. What do you do with secure sign-ons in an organization with many roaming users? Credential Management feature of Windows Server 2003 provides a consistent single sign-on experience for users. This can be useful for roaming users who move between computer systems. The Credential Management feature provides a secure store of user credentials that includes passwords and X.509 certificates.
19. Anything special you should do when adding a user that has a Mac? "Save password as encrypted clear text" must be selected on User Properties Account Tab Options, since the Macs only store their passwords that way.
20. What remote access options does Windows Server 2003 support? Dial-in, VPN, dial-in with callback.
21. Where are the documents and settings for the roaming profile stored? All the documents and environmental settings for the roaming user are stored locally on the system, and, when the user logs off, all changes to the locally stored profile are copied to the shared server folder. Therefore, the first time a roaming user logs on to a new system the logon process may take some time, depending on how large his profile folder is.
22. Where are the settings for all the users stored on a given machine? \Document and Settings\All Users
23. What languages can you use for log-on scripts? JavaScipt, VBScript, DOS batch files (.com, .bat, or even .exe).