Top 40+ System Administration Interview Questions and Answers

Here is the list of top system administration interview questions and answers.

1. What do you know about active directory in the system administration ?

When we are talking about network security, one thing that matters is the centralized control of everything that can be assured by the active directory. The information and settings related to the development is stored in the central database.   for an example :- the database might list 100 users accounts  with details like each person’s job title, phone number and password . 

2. What is group policy? 

Network administrators can use group policy to control the working environment of users and computer accounts in active directory . it provides a central place for administrators to manage and configure operating systems, applications and user’s settings. If we use it properly  it enables you  to increase the security of user’s computers and help defend against both insider and external threats. 

3. Why is it said that we should restore a dc that was backed up 9 months Ago?

We can face problems due to lingering objects as when we are restoring a backup file the active directory generally requires that the backup file should not be more than 180 days old. 

4. Can you tell us about the experience you have with hardware Components ? 

System administrator should be able to do installation and replacement operations with hardware sometimes there can be a need to rebuild the hardware component .

5. What do forest, trees , domain mean ? 

A domain is a logical group of network objects like computers , users, devices that have the same active directory database . A tree is a collection of domains within a Microsoft active directory network in which each domain has exactly one parent, leading to hierarchical tree structure and forest is a group of active directory trees. 

6. What do you know about wins servers ? 

WINS stands for windows internet name service this will allow the users to access resources by computer name rather than IP address. It is an operating system that uses a centralized computer that will provide specific functions predetermined rules for the users and the computers connected to a Network . For example if you want your computer to keep the track of the names and IP addresses of other computers in  your Network .  

7. What according to you could be the personal characteristics of a person administering a system ? 

System administrators face a diversity of challenges  .They are the problem solvers and coordinators. They have in-depth understanding of computer’s software , hardware and networks and so are able to instruct  employees regarding the technical issue . Their primary task is to monitor the system. They are able to  keep  track of the server performance and creative designs for computer systems and are  able to quickly arrange for replacement in case there is any hardware failure .

8. Can you give us one of the examples of the systems you have been working with as an Administrator? 

This typically may include:- Windows and linux which supports either the asset management or the GIS. 

9. What is a lingering Object ? What is the command that we use to remove lingering objects ? Why is it important to remove the lingering objects ? 

lingering object is a deleted active directory that remains on the restored domain controller in its local copy of the active directory. When an object is deleted from the active directory a Tombstone (which is temporary) is created which then has to be replicated by domain controller before it expires. i.e  they seem to occur when some changes are made to the directories after system backups are created. When we restore a backup file the AD (ACTIVE DIRECTORY ) generally requires that the backup should not be more than 180 days old .This may happen if after the backup was done the object was deleted on another dc more than 180 days ago. In such case if we want to remove the lingering object we use windows server 2003 and  windows server 2008 they have the ability to manually remove the lingering objects using the console utility command REPADMIN.EXE .it is necessary to remove the lingering object as it puts an extra burden on the system’s RAM and can create the problems like the limited space availability .    

10. Can you differentiate between firewall and Antivirus? 

Antivirus :- we use the antivirus to protect the system from the computer viruses . When you are using your system It actively monitors for any virus threats from different sources . if it finds any virus threats it tries to clean or quarantine the virus and ultimately keeps your system and data safe . 

Firewall :- on the flip side firewall protects your system from outside/ intruder/ hacker attacks. Sometimes hackers may take control of your system remotely and steal your important information or the data from the system. It happens mostly in the cases when your system is connected directly to the internet or a large network. In that case you should install a firewall in your pc to protect yourself from unauthorized access. It is either  available in the software or in the hardware form if you have a single pc then software firewall can do the work but when you want to protect a large corporate you have to install hardware firewall so as to protect their system from such attacks . 

11. According to you why backing up an active directory is important and how can you backup an active Directory? 

To maintain the proper health of the AD database the backup of an active directory is important . 

Windows Server 2003:- In this you can backup the active directory by using the NTBACKUP tool that is in –built with windows server 2003 or we can also use any 3^rd party tool that will support this feature .

Windows server 2008 :- in this there is no option to backup the system state data through the normal backup utility. Here we need to use the command line inorder to backup the active Directory . 

Step 1 – open the command prompt by clicking on start , typing “cmd” and then hit the enter button 

Step 2 –  In the command prompt type “ wbadmin start systemstatebackup – backuptarget;e:” and then press the enter button.

Step 3 – input “y” and press the enter button inorder to start the backup process 

When the backup  is finished you will get a message that the backup is successfully completed if it has not completed properly you need to troubleshoot. 

12. What is a domain controller ? 

Domain controller (Dc )is a windows-based computer system which is used for storing user account data in a central database. It allows the system administrator to allow or deny users access to system resources, such as printers, documents , folders , network locations , etc. 

13. According to you what is the difference between FAT and NTFS ?

FAT :-

• There is no security when the user logs in locally .
• It usually supports file names that have only 8 characters .
•  it does not support file compression .
•  The partition and file size can be up to 4 GB. 
• There is no such security permission for file and folder level .
• It doesn’t support bad cluster mapping so it is not very reliable 

NTFS :-

• There is security for both the  local and the remote users. 
• It usually supports file names that have 255 characters . 
• It supports the file compression 
• The partition size can be upto 16 exabyte . 
• There is security for file and folder level. 
• It supports bad cluster mapping and transaction logging so it is highly reliable 

14. Can you tell me what is loopback address and in what sense is it useful? 

It is an address that sends outgoing signals back to the same computer for testing purposes. It is managed entirely within the operating system so the client and the server process on a single system and can communicate with each other. It is not physically connected to a network and  it is useful in the sense that the loopback provides IT professionals an interface so that they can test the IP software without worrying about the broken or corrupted drives or the hardware.  

15. What do you know about proxy servers ?

It acts as the gateway between a local network (for eg:- computers in a company) and a large-scale network (for ex :- internet ). By using this server there is an increase in performance and security as it can be used to prevent the employees from browsing the inappropriate and distracting sites . 

16. Can you tell us about windows registry ? 

It is often referred to as “the registry” . In the Microsoft Windows operating systems it is the collection of databases of configuration settings (low level settings) It stores the important information like the location of programs ,files etc . if you don’t understand what you are doing you should not edit the windows registry or it will cause problems with the installed applications or the operating system. 

17. What is the Sysvol Folder ? 

We can say that it is a type of shared folder which stores group policies information or we can say that it contains public files of the domain controllers and the domain users can access it. It’s significant feature is that it is used to deliver policy and login scripts to the domain members.

18. Why is VOIP important ? 

VOIP is important as it makes the user adopt the modern techniques over the traditional infrastructure. By using it the users can use the transmission medium by delivering the voice packets which are designed for the telephone calls. 

19. What do you know about Window deployment services ? 

The name itself suggests that it is used to deploy windows operating system (i.e – there is no need to install each operating system directly from CD or DVD there are tools that are used for managing the server 

• windows deployment services MMC 
• windows powershell cmdlets for wds 
• WDSUTIL command-line tool 

20. What is the difference between a work group and a domain ? 

In a workgroup there is a particular system which has the collection of systems having their own rules and local users logins. Whereas in domain the centralized authentication server which is a collection of systems tells what the rules are . Workgroups are like P2P networks whereas on the flip side domains are like standard client /server relationships . 

21. What can you tell us about the  light – weight directory access protocol ? 

The LDAP (light-weight directory access protocol) is used to name the object in an AD(Active Directory ) and makes it widely accessible for management and query applications . it is most commonly used to provide a central place to store the usernames and passwords 

22. What do you know about the PPP protocol ? 

PPP protocol stands for point to point protocol. This protocol helps us to communicate between  the two computers (routers ) . The two derivatives of the point to point protocol are :- (1) point to point protocol over Ethernet (2) point to point protocol over ATM. It is a multilayer protocol that operates on the same communication link.

23. What is IP Spoofing and what can we do to prevent it ? 

It is a type of mechanism that is used by the attackers to get the authorized  access to the system. In this the intruder is sending the message to the computer with an IP address that it is coming from a trusted source/host. We can prevent it by performing packet filtering using the special routers and firewalls we allow packets with recognized formats to enter the network.   

24. What is garbage Collection ? 

The memory that is occupied which is no longer in use is called garbage collection one of the major advantages of the garbage collection is that it frees the user for dealing with memory deallocation. The higher level of programming languages have more garbage collection. The resources other than memory are  not handled by garbage collection.

25. Tell something about frame relay ? 

IN the OSI model it operates at the physical and data link layer and is a high-speed data communication technology. It uses frames for the transmission of data in the network . 

26. What is DNS? 

The DNS stands for the domain name system. The IP addresses are always changing so the DNS makes the IP address into human friendly names so that the  humans can  remember it much more easily and this are less likely to change for example if you look at the standard  phone book and try to search for a persons name then you will get his/ her phone number here in this case the DNS performs the same operation as that of a standard  phone book but with the updates on hourly or daily basis .due to the tired nature of the DNS it makes it possible to have repeated queries that can be responded quickly .

27. Can you tell the difference between the  domain admin groups and Enterprise admin group in ad (active directory )?

Domain admin groups:  The members of the domain admin group have complete control of the domain                                                                                                                      

Enterprise admin group: The members of the enterprise admin group have complete control of the domains in the forest. 

28. What is authoritative Restore of active directory ?

To perform an authoritative restore we first need to perform a non –  authoritative restore process . As we know that the authoritative restore has the ability to increment the version number of the attributes and this will make us restore an object in the directory. On the flip side when we talk about the non -authoritative restore to determine the changes since the last backup it will contact the replication partners after a domain controller is back online. 

29. If you are a system administrator what will be your daily routine ?

In this you answer should reflect that you are well aware about the responsibilities of the system administrator or what are the tasks that are to be performed by the system administrator 

For an example :- tasks like software installation and updates , providing system access control , creating backups , data recovery , etc. 

30. Can you  tell about the advantages of RAID ? 

AIn this type of question we can tell the definition of RAID and then further explain about the benefits of using RAID 

31. What do you know about the object server ? 

In this the application of the client/server is written in the form of communication objects. By using ORB ( Object Request Broker) the client objects communicate with server objects. This server object provides support for concurrency and sharing . 

32. What is the working of Traceroute and what protocol does it use ?

Depending on the operating system , The Tracert also called as traceroute it allows you to use to see exactly what all the routers do you touch when you move along the chain of connections to reach the final destination if a case arrives in which you can’t ping your final destination in that case a tracert can be used as it can tell you exactly where the chain of connections stopped. So that you will be able to contact the correct people, may it be your own firewall or your ISP or your destination’s ISP or anywhere in the middle . The traceroute uses ICMP protocol but is also having the ability of using the first step of the TCP to send the SYN requests for the response . 

33. What do you know about NETBIOS and  NETBEUI ?

NETBIOS :  It  is referred to as the  NETWORK BASic input or output system. It is a layer 5 protocol that is non-routable. It allows the applications to communicate with one another over LAN or we can call it a local area network . NETBIOS normally runs over a TCP/IP which results in having a network with both an IP address and a NETBIOS name corresponding to the host name .

There are three distinct services that are provided by the NETBIOS :- 

• Name service :- in this the name registration and resolution is done  
• Datagram distribution service :- it is generally used for connectionless communication 
• Session service :- it is used for connection oriented communication. 

NETBUI : NETBEUI is an extended version of the NETBIOS. It is a networking protocol that was developed by IBM and Microsoft in 1985. It is a primary protocol for the Lan manager and windows for workgroups . it supports both connection based and connectionless communication. It implements flow control and error detection. It is one of the fastest and most efficient protocols. The enhanced implementation of a protocol that is available on Microsoft Windows NT operating system is called the NETBEUI frame. We should use it only on smaller network sizes as it relies more heavily on broadcast packets than on the TCP or an IP i.e it is unsuitable for WAN (wide area networks)  and it Is also  a non-routable protocol . 

34. Can you tell us about RSVP. And how does it work ? 

RSVP refers to Resource Reservation protocol as the name suggests it is used to reserve resources across a network so when we have a look into the working of the RSVP in the RSVP the request of the host is carried throughout the network. It then visits each node in the network. It has two local modules for reservation of resources: the admission control module and the policy module . The admission module checks whether there are sufficient available resources. Whereas the policy module checks about the permission of making a reservation. After these two checks are performed the RSVP uses packet classifier and the packet scheduler for desired QoS requests . 

35. Describe the concept of DHCP ?

DHCP refers to dynamic host configuration protocol. This protocol is used to assign the IP address to the computers. So when we use the DHCP protocol whenever a computer is connected to a network its IP address is changed or in other words we can say that will have different IP addresses in some cases it can also happen that the IP address is changed when the computer is in the network by this we can say that a clearcut advantage of the DHCP protocol is that rather than using the administrator for managing the IP address we use the software . 

36. Can you tell us the main email servers and which are their ports ? 

There are two types in the email servers :- the incoming mail server and the outgoing mail server 

1. The incoming mail server :- this type of mail server is usually associated with the email address account to download the emails you should have the correct settings configuration in your email client program . in this server there cannot be more than one incoming server 
2. The outgoing mail server :- when we are talking about the outgoing mail server the protocol that is used to send emails are SMTP which are known as simple mail transfer protocol . the main email portal includes :- (POP3 – PORT 110 , IMAP – port 143, STMP – port 25 , HTTP – port 80 , secure SMTP – PORT 465 , Secure IMAP – port 585 , IMAP4 over SSL – port 993 , secure POP3 – port 995 )

37. Can you differentiate between a hub and a Switch ? 

Both the hub and the switch are roughly the same. They both have a larger number of potential connections and are used for the same basic purpose to create a network. The only difference that differentiates them is the way they handle the connections in case of hub they broadcast all the data to every port and hence can make serious security and reliability concerns as well as there will occur a number of collisions on that network . on the flip side when we talk about switches the connections are created dynamically so the requesting portal only receives the information that is designed for it. We can consider a hub where all are talking at the same time but this can be inconvenient as it can transmit or release information to the people whom you don’t want to have access to that information on the other side when we talk about switches they are creating the connections between the ports as in need . 

38. What do you know about HTTPS  and what port does it use ? 

The HTTPS uses the SSL certificates so as to confirm that the server you are connecting is the one that it says . the HTTPS traffic goes over the TCP port 443.

39. What  can you tell us about TCP ? 

TCP/IP is not a protocol but is a member of the IP protocol suite. The TCP refers to Transmission Control Protocol and is a massively used  protocol (for ex:- HTTP , FTP & SSH ) one of the benefits of TCP is that it establishes the connection on both the ends before any data starts to flow.  It is also used to sync up the data flow as if a case arrives when the packets arrive out of order, so the receiving system should be able to figure out how the puzzle of packets are supposed to look like .

40. What do you know about UDP ?

we can call the UDP the twin of the TCP . The UDP stands for User Datagram Protocol . The UDP doesn’t care if somebody is listening on  the other end or not and is called the connectionless protocol. Whereas when we talk about the TCP it makes everybody stay on the same page . the transmission speed on an UDP is faster than the transmission speed  of TCP. So if we want to distinguish between both the TCP & UDP . The TCP always needs a confirmation from the other side that the message is received or not. On the other side the UDP is like a television broadcast in which the transmitter  doesn’t care or know about the person on the other end.  

41. What can you tell us about port forwarding ? 

Ans :- when we want to communicate with the inside of a secured network then there is the use of a port forwarding table within the router or other connection management device that will allow the specific traffic to be automatically  forwarded on to a particular destination. Most probably it does not allow access to the server from outside directly into your network. 

42. Can you differentiate between a Powershell and a  command prompt ? 

Powershell : it was introduced in the year 2006. We can open power shell by typing powershell. it operates on both the batch commands and the powershell commands. It allows the user to navigate easily between the functions by providing the ability to create aliases for cmdlets or scripts. The output that comes is in the form of an object and can be passed from one cmdlet to other cmdlets . it can also execute a sequence of cmdlets that are put together in a script. It is built on a net framework so it has access to the programming libraries and can be used to run all types of programs . it supports the linux based system and can connect with the Microsoft cloud products and integrates directly with WMI. It also has an ISE .          

   on the flip side , 

COMMAND PROMPT : it was introduced in the year 1981. We can open a command prompt from run by typing cmd. It cannot operate on both the batch commands and the powershell commands; it only operates on batch commands. There is no support for the creation of aliases of commands . the output that is formed is in the form of text . we can not transfer or pass the output from one command to the other command . when we want to run a certain command the command that is runned before must be finished . in this case there is no such command like the help command like in the case of powershell to get the information regarding the commands. There is no separate ISE there is on;ly a command line interface it can only run console type of programs . it doesn’t support the linux based system and cannot connect with te ms online products. There is a need for an external plugin for WMI interaction. It doesn’t have access to the libraries .

43. Can you tell what is  the difference between a RDP and a KVM ? 

The RDP stands for Remote desktop protocol as the name itself suggests about the nature of this protocol it is one of the primary method by which we can access the windows system remotely for troubleshooting purpose and Is a software driven method whereas when we talk about the KVM it refers to keyboard video and mouse it allows fast- switching between different systems but by using the same keyboard monitor and mouse. It is a hardware driven method or system in which a junction box is placed between the user and the systems the KVM does not require any kind of active network connection so it is very useful to use the same kind of setup on multiple networks without doing the cross talk .  

44. What do you know about FTP and SSH ? What protocol do they use ? 

FTP – The FTP is referred to as the file transfer protocol. It is primarily designed for transferring large files which also has the capability of resuming the download in the case the download is interrupted. There are two different techniques following which we can access the FTP server; they are the Anonymous access and the standard login. There is only one difference between the techniques which is that the anonymous doesn’t require an active user login whereas the standard login requires an active user login. The FTP uses ports 20 and 21 of TCP. 

SSH – The SSH stands for secure shell and is very well known by the linux users the secure shell is used to create a secure tunnel between devices (for example :- systems, switches, thermostats , etc ) .it also has the ability to tunnel the other programs through it . so in case the programs having the unsecured connections can be used in the secured state if we configure it correctly. The SSH uses port 22 of TCP  

45. What are ARP and EFS ? 

ARP : it refers to the address resolution protocol that allows the DNS to be linked for MAC addresses; the mapping of the human-friendly URLs to IP addresses are allowed by standard DNS . while the address resolution protocol allows the mapping of IP addresses to mac addresses. In this manner it makes the system go from a regular domain name to an actual piece of hardware. 

EFS : it refers to the encrypted file system . the encrypted files that are tied to the specific user becomes difficult when to try to decrypt a file without the assistance of the user there can also be a case when the user forgets his or her password or loses their password  in such case it becomes almost impossible to decrypt the file as the process of decryption is tied to the user’s login and password .it can only occur on NTFS formatted partitions. For a larger purpose the better alternative is a Bitlocker . 

46. What is an Ids ? 

IDs stands for intrusion detection system that has two basic variations :-

1. Host intrusion detection system (HIDS) :- it runs as background utility like an antivirus 
2. Network intrusion detection system :-  when they go across the network to start looking  for things that are not ordinary it sniffs packets . 

47. What is Telnet ? 

It is one of the application protocols that allow the connection on any port and is a very small and versatile utility. It allows the admin to connect to the remote devices. in case telnet transfers data in the form of text. on a remote host, telnet provides access to a command-line interface because of some of the security concerns when we are using the telnet over an open network source such as the internet it is significantly in the favour of SSH. It has a negotiable protocol architecture because of which many extensions were adopted. Most of the implementation of telnet has no authentication which can ensure that the communication Is carried out between the two desired hosts. it does not encrypt any data that has been sent over the connection. generally, it is used to establish a connection to TCP (transmission control protocol )  port 23. where the server application of the telnet is listening. 

Also Read Top 25 Common Interview Questions

28 Source: GreatLearning Blog