### General Questions

1. **What is Linux?**

Sol: LINUX is a free and open-source operating system (OS). It's comparable to UNIX.

• It is one of the most widely supported operating systems because it runs on almost every
major computer platform, including x86, ARM, and SPAR

- Describe Linux and its key features.

 Linux is a free, Unix-like operating system kernel that serves as the
foundation for a wide variety of operating systems commonly
referred to as Linux distributions or Linux distros. It is an open-
source community that has powerful features, and well-structured
architecture.
its key features:

free operating system, open source, flexibility, customizability, multi user, portability, shell,
security

2. **History and Development: **

- Who created Linux and when?

Sol:
Linux was created by Linus Torvalds, a Finnish software engineer, in 1991. He
released the first version of the Linux kernel to the public on September 17,
1991. Since then, it has become one of the most prominent examples of free and
open-source software collaboration.

- What is the difference between Unix and Linux?

KEY DIFFERENCE Linux source code is available to the general public whereas, in
Unix, the source code is proprietary.

3. **Distributions: **

- What are Linux distributions? Name some popular ones.

What is a Linux distribution?

 A: Linux distributions, also known as distros, are operating systems
based on the Linux kernel. They include the Linux kernel, supporting
system software and libraries, and usually a large amount of
application software to fulfill the distribution’s intended use
 - What are the main differences between Debian and Red Hat-based distributions?

Debian and Red Hat Enterprise Linux differ in their package management
systems, release models, support approaches, initialization systems, default
desktop environments, and licensing policies.

### File System and Directory Structure

 In computing, a directory structure is the way an operating system

arranges files that are accessible to the user. Files are typically
displayed in a hierarchical tree structure. A filename is a string used
to uniquely identify a file stored on this structure.

4. **File System Basics:**

- Explain the Linux file system hierarchy.

 This is a short explanation of the Linux file system Hierarchy. In a

Linux system, all files are stored on file systems. A file-system
hierarchy is the organization of these files into a single inverted tree
of directories.

- What are the common file systems used in Linux (e.g., ext4, XFS, Btrfs)?

5. **Important Directories:**

- Describe the purpose of directories like `/etc`, `/home`, `/var`, `/bin`, `/usr`, and `/root`.

1.

6. **File Permissions:**

- How do file permissions work in Linux? Explain the `rwx` model.

- How do you change file permissions using `chmod`? Provide examples.

### Commands and Utilities

7. **Basic Commands:**

- What do the following commands do: `ls`, `cd`, `pwd`, `cp`, `mv`, `rm`, `mkdir`?
Top 50 Linux Commands You Must Know as a Regular User
1. ls - The most frequently used command in Linux to list directories
2. pwd - Print working directory command in Linux
3. cd - Linux command to navigate through directories
4. mkdir - Command used to create directories in Linux
5. mv - Move or rename files in Linux
6. cp - Similar usage as mv but for copying files in Linux
7. rm - Delete files or directories
8. touch - Create blank/empty files
9. ln - Create symbolic links (shortcuts) to other files
10. clear - Clear the terminal display
11. cat - Display file contents on the terminal
12. echo - Print any text that follows the command
13. less - Linux command to display paged outputs in the terminal
14. man - Access manual pages for all Linux commands
15. uname - Linux command to get basic information about the OS
16. whoami - Get the active username
17. tar - Command to extract and compress files in linux
18. grep - Search for a string within an output
19. head - Return the specified number of lines from the top
20. tail - Return the specified number of lines from the bottom
21. diff - Find the difference between two files
22. cmp - Allows you to check if two files are identical
23. comm - Combines the functionality of diff and cmp
24. sort - Linux command to sort the content of a file while outputting
25. export - Export environment variables in Linux
26. zip - Zip files in Linux
27. unzip - Unzip files in Linux
28. ssh - Secure Shell command in Linux
29. service - Linux command to start and stop services
30. ps - Display active processes
31. kill and killall - Kill active processes by process ID or name
32. df - Display disk filesystem information
33. mount - Mount file systems in Linux
34. chmod - Command to change file permissions
35. chown - Command for granting ownership of files or folders
36. ifconfig - Display network interfaces and IP addresses
37. traceroute - Trace all the network hops to reach the destination
38. wget - Direct download files from the internet
39. ufw - Firewall command
40. iptables - Base firewall for all other firewall utilities to interface with
41. apt, pacman, yum, rpm - Package managers depending on the distribution
42. sudo - Command to escalate privileges in Linux
43. cal - View a command-line calendar
44. alias - Create custom shortcuts for your regularly used commands
45. dd - Majorly used for creating bootable USB sticks
46. whereis - Locate the binary, source, and manual pages for a command
47. whatis - Find what a command is used for
48. top - View active processes live with their system usage
49. useradd and usermod - Add a new user or change existing user data
passwd - Create or update passwords for existing users
- How would you display the contents of a file? Explain the usage of `cat`, `more`, `less`, and `tail`.

8. **Process Management:**

- How do you view running processes? Explain the `ps` and `top` commands.

- How do you kill a process? Explain the `kill` and `killall` commands.

9. **Text Editors:**

- Name some common text editors in Linux.

- Describe how to use `nano` or `vim`.

### Shell Scripting and Automation

10. **Shell Basics:**

- What is a shell in Linux? Name some commonly used shells.

- How do you create and run a basic shell script?

11. **Scripting Concepts:**

- Explain the use of variables in shell scripting.

- What are loops and conditionals in shell scripting? Provide examples.

### Package Management

12. **Package Managers:**

- What are package managers? Name the package managers used by Debian and Red Hat-based
systems.

- How do you install, update, and remove software packages using `apt` and `yum`?

### Networking

13. **Basic Networking Commands:**

Ping

Ifconfig

Ipconfig

NetStat
is a networking utility that can be used to display all
NetStat
active network connections and their status. It can be used to
identify which applications are using which ports and can be
helpful in troubleshooting networking issues.
NbtStat: is a networking utility in Windows that helps
users troubleshoot NetBIOS over TCP/IP problems. It
can be used to display a variety of information about
the current state of the NetBIOS over TCP/IP protocol
on both local and remote computers

ARP

The Address Resolution Protocol, or ARP, is a networking

utility used for mapping network addresses to physical
addresses.

Nslookup
is a command-line networking tool used for querying
Nslookup
Domain Name System (DNS) to obtain domain name or IP
address mapping, or other DNS records. Nslookup has two
modes: interactive and non-interactive.

- How do you check your IP address? Explain the use of `ifconfig` or `ip`.

- How do you test network connectivity? Explain the use of `ping` and `traceroute`.

14. **SSH and Remote Access:**

- What is SSH and how do you use it to connect to a remote machine?

- How do you copy files between local and remote systems using `scp` or `rsync`?
### Security

15. **User Management:**

- How do you add and remove users in Linux? Explain the use of `useradd` and `userdel`.

- How do you change a user's password? Explain the use of `passwd`.

16. **Firewall:**

- What is a firewall and how is it used in Linux?

A firewall is a network security system that monitors and controls

incoming and outgoing network traffic based on predetermined security
rules. Its primary purpose is to establish a barrier between a trusted
internal network and untrusted external networks, such as the internet, to
prevent unauthorized access, attacks, or data breaches.

In Linux, there are several firewall solutions available, but one of the most
commonly used is called iptables, which is a user-space utility program
that allows a system administrator to configure the IP packet filter rules of
the Linux kernel firewall.

- Describe the basics of `iptables` or `firewalld`.

Here's how a firewall, particularly iptables, is used in Linux:

1. Defining Rules: The administrator specifies rules that determine

which network traffic is allowed or denied based on criteria such as
source and destination IP addresses, port numbers, and protocols.
2. Filtering Traffic: The firewall inspects incoming and outgoing
packets against the defined rules and either permits or blocks them
accordingly. For example, it can allow incoming SSH (Secure Shell)
traffic on port 22 while blocking other incoming traffic.
3. Stateful Inspection: Many modern firewalls, including iptables,
perform stateful packet inspection. This means they keep track of
the state of active network connections and dynamically allow
return traffic that is part of established connections while blocking
unauthorized or suspicious traffic.
4. Network Address Translation (NAT): Firewalls can also perform
NAT, translating IP addresses and port numbers as packets pass
through the firewall. This is commonly used to hide internal network
addresses from external networks or to allow multiple devices to
share a single public IP address.
 5. Logging and Monitoring: Firewalls can log network activity,
allowing administrators to review and analyze traffic patterns,
detect potential security threats, and troubleshoot network issues.
6. Customization and Configuration: Linux firewall configurations
can be highly customized to meet specific security requirements.
Administrators can create complex rule sets, define network zones,
and implement additional security features such as rate limiting and
packet filtering based on packet attributes.

### Advanced Topics

17. **Kernel and Modules:**

- What is the Linux kernel? How can you view the loaded kernel modules?

The Linux kernel is the core component of the Linux operating system. It acts as
an intermediary between the hardware and the software applications running on
the system. The kernel provides essential functionalities such as process
management, memory management, device drivers, file system support, and
system calls.

- How do you load and unload kernel modules?

Loading and unloading kernel modules in Linux can be done using the modprobe command
to load modules and the rmmod command to unload modules. Here's how you can do it:

1. Loading Kernel Modules:

To load a kernel module, you can use the modprobe command

followed by the name of the module you want to load. For example,
to load the nls_utf8 module, you would use:

bash
Copy code
sudo modprobe nls_utf8

This command will load the nls_utf8 module into the kernel. If the
module has dependencies, modprobe will automatically load them as
well.

2. Unloading Kernel Modules:

To unload a kernel module, you can use the rmmod command

followed by the name of the module you want to unload. For
example, to unload the nls_utf8 module, you would use:
 bash
Copy code
sudo rmmod nls_utf8

This command will unload the nls_utf8 module from the kernel. If
the module is in use (i.e., there are instances of it currently being
used by other modules or processes), rmmod will fail to unload it. In
such cases, you may need to first stop the processes or unload the
dependent modules before unloading the target module.

3. Viewing Loaded Modules:

Before unloading a module, it's often helpful to verify that it's

currently loaded. You can use the lsmod command to list all loaded
kernel modules. For example:

bash
Copy code
lsmod

This command will display a list of all loaded kernel modules,

allowing you to confirm whether the module you want to unload is
currently loaded.

18. **System Logs:**

- Where are system logs stored in Linux? Explain the role of `/var/log`.

In Linux, system logs are stored in various locations within the file system, with
the primary directory for system logs being /var/log. This directory contains log
files generated by various system processes, services, and applications,
providing valuable information for monitoring, troubleshooting, and auditing
system activity.

1. /var/log Directory:

/var/log is a directory located at the root of the file system ( /). It is

designated for storing log files related to system processes,
services, and applications. This directory is typically accessible to
users with administrative privileges ( root), as viewing and analyzing
system logs often requires elevated permissions.
 - How do you view log files? Explain the use of `dmesg` and `journalctl`.

In Linux, there are several commands and utilities available for viewing log files and
retrieving system logs. Two commonly used utilities are dmesg and journalctl, each
serving different purposes:

1. dmesg:

The dmesg command displays the kernel ring buffer, which contains messages logged
by the kernel during the boot process and ongoing system operation. These messages
include information about hardware detection, device initialization, kernel modules
loading, and various kernel events.

To view the kernel ring buffer with dmesg, simply run the command in a terminal:

bash
Copy code
dmesg

By default, dmesg displays the entire contents of the kernel ring buffer. However, you
can use various options to filter and format the output, such as:

 -c: Clear the contents of the kernel ring buffer after displaying it.
 -H: Use human-readable timestamps.
 -T: Display timestamps in a human-readable format.
 -L: Display log levels (e.g., INFO, WARNING, ERROR) with messages.

For example, to view the last 100 lines of the kernel ring buffer with human-readable
timestamps, you can use:

bash

Copy code

dmesg -T | tail -n 100

2. journalctl:

The journalctl command is part of the systemd journal system, which provides
centralized logging for system events and services. It retrieves and displays logs from
the systemd journal, which includes not only kernel messages but also messages from
user-space services and applications.

To view system logs with journalctl, you can simply run the command in a
terminal:

bash
Copy code
 journalctl

By default, journalctl displays logs starting from the current boot session.
However, you can use various options to filter and format the output, such as:

 -b or --boot: Display logs from a specific boot session.

 -u or --unit: Display logs for a specific systemd unit (service).
 -p or --priority: Filter logs by priority (e.g., INFO, WARNING,
ERROR).
 -n: Display a specific number of recent log lines.

19. **Virtualization:**

- What is virtualization and how is it implemented in Linux?

Virtualization is the process of creating a virtual (rather than actual) version of

something, including virtual hardware platforms, operating systems, storage
devices, and computer network resources. In computing, virtualization allows
multiple virtual machines (VMs) or virtual environments to run simultaneously on
a single physical hardware platform, enabling better resource utilization,
flexibility, scalability, and cost efficiency.

- Name some tools and platforms used for virtualization in Linux (e.g., KVM, VirtualBox, Docker).

In Linux, virtualization is implemented through various

technologies and tools, with two of the most common approaches
being:

1. Kernel-based Virtual Machine (KVM):

KVM is a virtualization module built into the Linux kernel

since version 2.6.20. It leverages hardware virtualization
extensions (such as Intel VT-x or AMD-V) to provide full
virtualization capabilities, allowing multiple virtual machines
to run unmodified guest operating systems (such as Linux,
Windows, or BSD) alongside the host Linux operating
system.

KVM works by turning the Linux kernel into a hypervisor,

which is a software layer that manages and allocates
physical hardware resources to virtual machines. KVM relies
on the qemu (Quick Emulator) virtualization infrastructure to
 emulate virtual hardware devices and provide device
emulation, disk I/O, and network connectivity for guest VMs.

KVM is widely used in Linux-based virtualization solutions,

including the open-source hypervisor platform called "libvirt"
and management tools like "virt-manager" and "oVirt."

2. Containerization (Linux Containers or LXC):

Containerization is a lightweight virtualization technology

that allows multiple isolated user-space instances, known as
containers, to run on a single Linux host. Unlike traditional
virtual machines, containers share the host operating
system kernel and resources, resulting in faster startup
times, lower overhead, and greater efficiency.

In Linux, containerization is implemented through

technologies such as Linux Containers (LXC), which provides
a user-space interface for creating and managing containers,
and Docker, a popular platform for building, shipping, and
running containerized applications.

LXC uses features like kernel namespaces, cgroups (control

groups), and chroot to isolate and sandbox containers,
providing a high degree of process and resource isolation
while still sharing the host kernel. Docker builds on top of
LXC and adds higher-level abstractions for packaging
applications into lightweight, portable containers, along with
tools for managing container lifecycle, deployment, and
orchestration.

Both KVM-based virtualization and containerization offer distinct

advantages and are used in various scenarios depending on
factors such as workload requirements, performance
considerations, resource utilization, and isolation needs. Overall,
virtualization in Linux provides a flexible and powerful platform for
deploying and managing virtualized environments and
applications.

20. **Backup and Restore:**

- How do you create backups in Linux? Explain the use of `tar`, `rsync`, and `dd`.
Creating backups in Linux can be accomplished using various tools and
methods, depending on factors such as the size of the data to be backed
up, the frequency of backups, storage options, and the desired level of
automation. Here are some common approaches to creating backups in
Linux:

1. Using Command-Line Tools:

 rsync: Rsync is a versatile command-line tool for

synchronizing files and directories between local or remote
locations. It can be used to create backups by copying only
the differences between source and destination, minimizing
bandwidth usage and storage requirements. Example: rsync -
av /source/directory /destination/directory .

 tar: The tar (tape archive) command is used to create

uncompressed or compressed archives of files and directories.
It can be combined with other utilities like gzip or bzip2 for
compression. Example: tar -cvf backup.tar /path/to/files .

 dd: The dd command can be used to create disk images,

allowing for the backup and restoration of entire disks or
partitions. Example: dd if=/dev/sda of=/path/to/backup.img .

2. Using Backup Utilities:

 Duplicity: Duplicity is a command-line backup tool that

supports encrypted, incremental backups to local or remote
storage locations using protocols like SSH, FTP, or cloud
storage providers. Example: duplicity /source/directory
file:///destination/directory .

 Bacula: Bacula is a network backup solution that provides a

client-server architecture for backing up and restoring data
across multiple systems. It offers features such as data
deduplication, encryption, and job scheduling.

 Amanda (Advanced Maryland Automatic Network Disk

Archiver): Amanda is an open-source backup solution that
automates the backup process for multiple clients and
provides features such as backup scheduling, retention
policies, and network backup support.

3. Using Backup Scripts:

 Custom backup scripts can be created using shell scripting

languages like Bash to automate the backup process
according to specific requirements. These scripts can
 incorporate commands like rsync, tar, or other tools to
perform backups, along with logging, error handling, and
notification functionality.

4. Using Backup Solutions with Graphical Interfaces:

 Some backup solutions for Linux come with graphical user

interfaces (GUIs) that provide an intuitive way to configure
and manage backups. Examples include Back in Time, Déjà
Dup, and Timeshift.

### Practical Tasks

- Demonstrate creating a new file and directory, navigating between directories, and deleting them.

- Show how to redirect the output of a command to a file and append to an existing file.

- Write a simple shell script that performs a specific task, such as backing up a directory or
monitoring disk usage.

By preparing answers and practicing these topics, you'll be well-equipped for your viva on Linux
fundamentals. Good luck!

Topic -2
### Windows Server Fundamentals

#### General Questions

1. **What is Windows Server?**

- Describe Windows Server and its primary functions.

- How does Windows Server differ from a regular desktop operating system?
2. **Versions and Editions:**

- What are the different versions of Windows Server? Name some key versions and their release
years.

- Explain the differences between Standard, Datacenter, and Essentials editions.

#### Installation and Configuration

3. **Installation:**

- What are the system requirements for installing Windows Server?

- Describe the steps involved in installing Windows Server.

4. **Active Directory:**

- What is Active Directory? What are its main functions?

- How do you create a new domain in Active Directory?

5. **Roles and Features:**

- What are server roles and features? Give examples of common roles.

- How do you add roles and features in Windows Server?

#### Networking

6. **DNS and DHCP:**

- What is DNS and how does it work in Windows Server?

 Domain Name System (DNS) is one of the industry-standard suite of
protocols that comprise TCP/IP, and together the DNS Client and
DNS Server provide computer name-to-IP address mapping name
resolution services to computers and users.

- What is DHCP and how do you configure it on a Windows Server?

 DHCP allows hosts to obtain required TCP/IP configuration
information from a DHCP server. Windows Server 2016 includes
DHCP Server, which is an optional networking server role that you
can deploy on your network to lease IP addresses and other
information to DHCP clients.
7. **IP Addressing:**

- How do you assign a static IP address to a Windows Server?

An Internet Protocol (IP) address is the unique identifying number assigned to every
device connected to the internet. An IP address definition is a numeric label assigned to
devices that use the internet to communicate. Computers that communicate over the
internet or via local networks share information to a specific location using IP addresses.

How does an IP address work?

An IP address works in helping your device, whatever you are accessing the internet on,
to find whatever data or content is located to allow for retrieval.

Common tasks for an IP address include both the identification of a host or a network, or
identifying the location of a device. An IP address is not random. The creation of an IP
address has the basis of math. The Internet Assigned Numbers Authority (IANA)
allocates the IP address and its creation. The full range of IP addresses can go from
0.0.0.0 to 255.255.255.255.

Public ip address

Private IP address

Static IP address

Dynamic IP address

IP Address Classes
Some IP addresses are reserved by the Internet Assigned Numbers Authority (IANA).
These are typically reserved for networks that carry a specific purpose on
the Transmission Control Protocol/Internet Protocol (TCP/IP), which is used to
interconnect devices. Four of these IP address classes include:

1. 0.0.0.0: This IP address in IPv4 is also known as the default network. It is the
non-routeable meta address that designates an invalid, non-applicable, or
unknown network target.
 2. 127.0.0.1: This IP address is known as the loopback address, which a computer
uses to identify itself regardless of whether it has been assigned an IP address.
3. 169.254.0.1 to 169.254.254.254: A range of addresses that are automatically
assigned if a computer is unsuccessful in an attempt to receive an address from
the DHCP.
4. 255.255.255.255: An address dedicated to messages that need to be sent to
every computer on a network or broadcasted across a network.

The router on a TCP/IP network can be configured to ensure it recognizes subnets, then
route the traffic onto the appropriate network. IP addresses are reserved for the following
subnets:

1. Class A: IP addresses between 10.0.0.0 and 10.255.255.255

2. Class B: IP addresses between 172.16.0.0 and 172.31.255.255
3. Class C: IP addresses between 192.186.0.0 and 192.168.255.255
4. Class D or multicast: IP addresses between 224.0.0.0 and 239.255.255.255
5. Class E, which are reserved for experimental usage: IP addresses between
240.0.0.0 and 254.255.255.254

- Explain the difference between IPv4 and IPv6.

IPv4 vs. IPv6

IPv4 has not been able to cope with the massive explosion in the quantity and range of
devices beyond simply mobile phones, desktop computers, and laptops. The original IP
address format was not able to handle the number of IP addresses being created.

To address this problem, IPv6 was introduced. This new standard operates a
hexadecimal format that means billions of unique IP addresses can now be created. As
a result, the IPv4 system that could support up to around 4.3 billion unique numbers has
been replaced by an alternative that, theoretically, offers unlimited IP addresses.

That is because an IPv6 IP address consists of eight groups that contain four
hexadecimal digits, which use 16 distinct symbols of 0 to 9 followed by A to F to
represent values of 10 to 15.

#### Storage and File Systems

8. **File Systems:**

- What file systems are supported by Windows Server? Explain the differences between NTFS and
ReFS.

- How do you format a disk and create partitions in Windows Server?

9. **Storage Management:**

- What is Storage Spaces? How is it used in Windows Server?

- Explain the process of setting up a RAID configuration in Windows Server.

#### Security

10. **User and Group Management:**

- How do you create and manage user accounts in Windows Server?

- What are user groups and how do they enhance security?

11. **Group Policy:**

- What is Group Policy and how is it used in Windows Server?

- Give examples of common settings that can be controlled through Group Policy.

#### Maintenance and Troubleshooting

12. **Backup and Restore:**

- How do you perform a backup in Windows Server? Explain the use of Windows Server Backup.

- What are the steps to restore a server from a backup?

13. **Performance Monitoring:**

- What tools are available in Windows Server for monitoring performance? Explain the use of Task
Manager and Performance Monitor.

- How do you identify and troubleshoot performance bottlenecks?

### Computer Hardware Fundamentals

#### General Questions

1. **Components:**

- What are the main components of a computer system? Explain the role of each component (CPU,
RAM, Motherboard, etc.).

- How do these components interact in a server environment?

2. **CPU and Memory:**

- What is the function of the CPU in a computer system?

- Explain the differences between various types of memory (RAM, ROM, Cache).

#### Storage

3. **Storage Devices:**

- What are the different types of storage devices? Explain the differences between HDDs, SSDs, and
NVMe drives.

- How do RAID configurations improve performance and reliability?

4. **Storage Interfaces:**

- What are the common storage interfaces used in servers (SATA, SAS, NVMe)?

- Explain the advantages and disadvantages of each.

#### Networking Hardware

5. **Network Interface Cards (NICs):**

- What is a NIC and what role does it play in a server?

- How do you configure and troubleshoot NICs?

6. **Switches and Routers:**

- Explain the difference between a switch and a router.

- How do these devices interact with servers in a network environment?

#### Power and Cooling

7. **Power Supply:**

- What is the importance of a power supply unit (PSU) in a server?

- How do you calculate the required power for a server setup?

8. **Cooling Solutions:**

- Why is cooling important in a server environment?

- What are the different types of cooling solutions (air, liquid, passive)?

#### Expansion and Connectivity

9. **Expansion Cards:**

- What are expansion cards and why are they used?

- Give examples of common expansion cards used in servers (graphics cards, RAID controllers).

10. **Ports and Connectors:**

- What are the different types of ports and connectors found on servers? Explain the purpose of
USB, HDMI, Ethernet, and other ports.

 Network Ports: Network ports are virtual endpoints used to

identify specific services or processes running on a computer within
a network. They are identified by numerical values ranging from 0 to
65535 and are categorized into two types: TCP (Transmission
Control Protocol) ports and UDP (User Datagram Protocol) ports.
Examples of well-known ports include port 80 for HTTP, port 443 for
HTTPS, and port 22 for SSH.
 Ethernet RJ45 Connector: Commonly used for wired Ethernet
connections, the RJ45 connector plugs into Ethernet ports on
network devices such as computers, switches, routers, and network
adapters.
 USB (Universal Serial Bus) Connector: Used for connecting
peripherals, storage devices, and other external hardware to
computers and other devices. USB connectors come in different
types, including USB-A, USB-B, USB-C, and micro USB.
 HDMI (High-Definition Multimedia Interface) Connector: Used
for transmitting audio and video signals between devices such as
 computers, monitors, TVs, projectors, and multimedia devices. HDMI
connectors support high-definition video and audio formats.
 VGA (Video Graphics Array) Connector: An analog video
connector commonly used for connecting computers to monitors,
projectors, and displays. VGA connectors are gradually being
replaced by digital interfaces like HDMI and DisplayPort.
 Power Connectors: Used for supplying electrical power to devices.
Common types of power connectors include AC power plugs, DC
power jacks, and power connectors for internal components such as
hard drives and optical drives.

Private and local networks:

1. Local Network:

 A local network typically refers to a network that is confined to

a small geographic area, such as a home, office, or campus.
 It may use technologies like Ethernet, Wi-Fi, or Bluetooth to
connect devices within the same physical location.
 Local networks often have limited reach and are not
accessible from outside the local area without special
configurations like VPNs (Virtual Private Networks) or port
forwarding.

2. Private Network:

 A private network generally refers to a network that is

restricted in access, either by physical isolation or by security
measures such as firewalls and access controls.
 Private networks can be local networks (confined to a specific
geographic area) or wide-area networks (spanning multiple
locations).
 Private networks are commonly used within organizations to
ensure that sensitive data and resources are accessible only
to authorized users.
 They may utilize technologies like VPNs, VLANs (Virtual Local
Area Networks), and encryption to enhance security and
restrict access.

Port Numbers:

1. FTP (File Transfer Protocol): 20,21

 Port Number: 21 (Control), 20 (Data)

  Used for transferring files between a client and server.

2. SSH (Secure Shell): 22

 Port Number: 22
 Used for secure remote access and administration of a device.

3. Telnet (Telecommunication Network): 23

 Port Number: 23
 Used for unencrypted remote terminal access.

4. SMTP (Simple Mail Transfer Protocol): 25

 Port Number: 25
 Used for sending email messages between servers.

5. DNS (Domain Name System): 53

 Port Number: 53
 Used for translating domain names to IP addresses and vice
versa.

6. HTTP (Hypertext Transfer Protocol): 80

 Port Number: 80
 Used for transmitting web pages and other web resources on
the World Wide Web.

7. HTTPS (Hypertext Transfer Protocol Secure): 443

 Port Number: 443

 Used for secure communication over a computer network,
widely used on the Internet.

8. POP3 (Post Office Protocol version 3): 110

 Port Number: 110

 Used for receiving email from a remote server to a local email
client.

9. IMAP (Internet Message Access Protocol): 143

 Port Number: 143

  Used for accessing email messages stored on a mail server
from a local client.

10. LDAP (Lightweight Directory Access Protocol): 389

 Port Number: 389

 Used for accessing and maintaining distributed directory information
services.
11. SNMP (Simple Network Management Protocol):161.162
 Port Number: 161 (SNMP), 162 (SNMP Trap)
 Used for monitoring and managing network devices and systems.
12. RDP (Remote Desktop Protocol):3389
 Port Number: 3389
 Used for remote desktop access and screen sharing.

### Practical Tasks

- Demonstrate the installation and configuration of a role on Windows Server (e.g., DNS or DHCP
server).

- Show how to set up a basic Active Directory environment, including creating users and groups.

- Perform a simple hardware upgrade on a server, such as adding RAM or installing a new hard drive.

- Configure a RAID array in a server and explain the steps involved.

By preparing answers and practicing these topics, you'll be well-equipped for your viva on Windows
Server fundamentals and computer hardware. Good luck!

OSI MODEL:

The OSI (Open Systems Interconnection) model is a conceptual framework that

standardizes the functions of a telecommunication or computing system into
seven distinct layers. Each layer serves a specific purpose in facilitating
communication between devices across a network. Here's an overview of the OSI
model and its layers:

1) Physical Layer
2) Data Link Layer

3) Network Layer

4) Transport Layer

5) Session Layer

6) Presentation Layer

7) Application Layer

What is Vmware :
 Virtualization software creates an abstraction layer over computer
hardware that allows the hardware elements of a single computer—
processors, memory, storage, and more—to be divided into multiple
virtual computers, commonly called virtual machines (VMs).

What is a host?
A host is a computer or other device that communicates with other hosts on
a network. Also known as network hosts, hosts include clients and
servers that send or receive data, services and applications.

What is subnetting

Subnetting is the process of dividing a larger network into smaller, more

manageable subnetworks or subnets. It's a technique used in IP
networking to efficiently allocate IP addresses and optimize network
performance. Here's an overview of subnetting and its key concepts:

Subnetting process, subnetting mask, Ip addressing, subnetting benefits,

VLSM (variable length subnetting masking)

DHCP:
A DHCP (Dynamic Host Configuration Protocol) server is a network server
that automatically assigns IP addresses and other network configuration
information to devices (such as computers, smartphones, and printers)
that connect to a network. Here's an overview of how DHCP servers work
and their key features:

Routing Information Protocol (RIP):


:Routing Information Protocol (RIP) is a dynamic routing
protocol that uses hop count as a routing metric to find the best
path between the source and the destination network. It is a
distance-vector routing protocol that has an AD value of 120
and works on the Network layer of the OSI model. RIP uses port
number

Routing Information Protocol (RIP) is a dynamic routing

protocol that uses hop count as a routing metric to find the best
path between the source and the destination network. It is a
distance-vector routing protocol that has an AD value of 120 and
works on the Network layer of the OSI model. RIP uses port
number 520.
Features of RIP
1. Updates of the network are exchanged periodically.
2. Updates (routing information) are always broadcast.
3. Full routing tables are sent in updates.
4. Routers always trust routing information received from
neighbor routers. This is also known as Routing on rumors.

1. **What is Cybersecurity?**

- Define cybersecurity and explain its importance.

Cybersecurity is the practice of defending computers, servers, mobile

devices, electronic systems, networks, and data from malicious attacks.
It's also known as information technology security or electronic
information security.

The term "cybersecurity" applies in a variety of contexts, from business to

mobile computing, and can be divided into a few common categories.
 Cyber safety tips - protect yourself against
cyberattacks
How can businesses and individuals guard against cyber threats? Here are our top
cyber safety tips:

1. Update your software and operating system: This means you benefit from the
latest security patches.
2. Use anti-virus software: Security solutions like Kaspersky Total Security will detect
and removes threats. Keep your software updated for the best level of protection.
3. Use strong passwords: Ensure your passwords are not easily guessable.
4. Do not open email attachments from unknown senders: These could be
infected with malware.
5. Do not click on links in emails from unknown senders or unfamiliar
websites:This is a common way that malware is spread.
6. Avoid using unsecure WiFi networks in public places: Unsecure networks leave
you vulnerable to man-in-the-middle attacks.

- What are the main goals of cybersecurity (CIA Triad: Confidentiality, Integrity, Availability)?

2. **Types of Cyber Threats:**

- What are the different types of cyber threats? Provide examples of each.

Types of cyber threats

1. Cybercrime
2. 2. Cyber-attack
3. 3. Cyberterrorism
4.

SQL injection
An SQL (structured language query) injection is a type of cyber-attack used to take
control of and steal data from a database. Cybercriminals exploit vulnerabilities in
data-driven applications to insert malicious code into a databased via a malicious
SQL statement. This gives them access to the sensitive information contained in the
database.

- Explain the differences between viruses, worms, and trojans.

 · Trojans: A type of malware that is disguised as legitimate software. Cybercriminals trick
users into uploading Trojans onto their computer where they cause damage or collect data.
· Virus: A self-replicating program that attaches itself to clean file and spreads throughout
a computer system, infecting files with malicious code.
· Ransomware: Malware which locks down a user’s files and data, with the threat of
erasing it unless a ransom is paid.

· Adware: Advertising software which can be used to spread malware.

· Botnets: Networks of malware infected computers which cybercriminals use to
perform tasks online without the user’s permission.

3. **Cyber Attack Techniques:**

- What is phishing and how does it work?

Phishing is a cyberthreat in which scammers try to lure

sensitive information or data from you by disguising
themselves as a trustworthy source. They do this using a
variety of communication methods, including email, Google
Chat, text messages, phone calls, and more. No matter
which method scammers use, they want your personal
information so that they can use it to access your bank
accounts or credit cards.

And they’ll send countless fake emails and smishing texts

across the globe in hopes of tricking people into exposing
this sensitive information.

How does phishing work?

While phishing can vary based on the specific type of scam
the scammer is carrying out, phishing attacks often follow
these five steps:

1. The phisher determines the target (whether an

organization or individual) and creates strategies to
collect data they can use to attack.
2. Next, the phisher creates fake emails or phony
webpages to send messages that lure data from
their victims.
3. Phishers then send messages that appear
trustworthy to the victims and begin the attack.
4. Once they’ve deployed the attack, phishers
will monitor and collect the data victims provide
on the fake webpages.
5. Finally, phishers use the collected data to make
illegal purchases or commit fraudulent acts such
as identity theft.

- Explain what a Distributed Denial of Service (DDoS) attack is.

Denial-of-service attack
A denial-of-service attack is where cybercriminals prevent a computer system from
fulfilling legitimate requests by overwhelming the networks and servers with traffic.
This renders the system unusable, preventing an organization from carrying out vital
functions.

- What is ransomware and how does it affect victims?

### Security Measures and Technologies

4. **Authentication and Authorization:**

- What is the difference between authentication and authorization?

Authentication:

 Authentication is the process of verifying the identity of a user or

entity attempting to access a system or resource.
 The goal of authentication is to ensure that the user is who they
claim to be.
 Authentication mechanisms typically involve presenting credentials,
such as usernames, passwords, security tokens, biometric
information (fingerprint, facial recognition), or digital certificates.

Authorization:

 Authorization is the process of determining what actions or

resources a user is permitted to access or perform within a system
or application after successful authentication.
 Authorization is based on the identity of the user and their
associated permissions or privileges.
 Permissions define the specific actions or operations that a user is
allowed to perform (e.g., read, write, execute) on particular
resources (e.g., files, databases, network services).

- Explain multi-factor authentication (MFA) and why it is important.

Multi-factor authentication (MFA), also known as two-factor authentication (2FA)

or multiple-step verification, is a security mechanism that requires users to
provide two or more different factors to verify their identity before granting
access to a system, application, or service. MFA enhances security by adding an
additional layer of verification beyond traditional username and password
authentication, making it more difficult for unauthorized users to gain access.
Here's how multi-factor authentication typically works:

Factors of Authentication:

Authentication Workflow:

Benefits of Multi-Factor Authentication:: Enhanced Security, User

Convenience, Compliance Requirements, Reduced Risk of Unauthorized
Access:
5. **Encryption:**

- What is encryption and why is it important in cybersecurity?

Encryption is the process of converting plaintext (unencrypted data) into

ciphertext (encrypted data) using an encryption algorithm and a cryptographic
key. Encryption is a fundamental technique in cryptography and is used to
protect the confidentiality, integrity, and privacy of sensitive information
transmitted or stored in digital form

1. Encryption Process:

 In the encryption process, plaintext data is input into the

encryption algorithm along with the encryption key.
 The encryption algorithm performs mathematical operations
on the plaintext data, transforming it into ciphertext according
to the encryption key.
 The resulting ciphertext appears as random and unintelligible
data, making it unreadable to anyone without the decryption
key.

- Explain the difference between symmetric and asymmetric encryption.

Symmetric Encryption:

 Symmetric encryption, also known as secret-key or single-key

encryption, uses the same key for both encryption and decryption.
 The encryption key and the decryption key are identical, meaning
that the same key is used to transform plaintext into ciphertext and
vice versa.
 Symmetric encryption algorithms are generally faster and more
efficient than asymmetric encryption algorithms.

Asymmetric Encryption:

 Asymmetric encryption, also known as public-key encryption, uses a

pair of distinct keys: a public key and a private key.
 The public key is used for encryption, while the private key is used
for decryption. The two keys are mathematically related but are not
identical.
 The public key can be freely distributed and shared with anyone,
while the private key is kept secret by the owner.
  Asymmetric encryption algorithms are slower and computationally
more intensive than symmetric encryption algorithms.

6. **Firewalls:**

- What is a firewall and how does it protect a network?

A firewall is a network security device or software application that monitors and

controls incoming and outgoing network traffic based on predetermined security
rules. It acts as a barrier between a trusted internal network (such as a corporate
network) and untrusted external networks (such as the Internet), filtering traffic
and enforcing security policies to prevent unauthorized access, malicious
activity, and data breaches. Here's how a firewall works and how it protects a
network:

- Explain the difference between a hardware firewall and a software firewall.

1. Hardware Firewall:
 Form Factor: A hardware firewall is a standalone physical
device, typically implemented as a dedicated network
appliance.
 Deployment: Hardware firewalls are deployed at the network
perimeter, between the internal network and the external
network (such as the Internet).
 Functionality: Hardware firewalls provide network-level
filtering and protection by inspecting incoming and outgoing
traffic at the packet level.
 Performance: Hardware firewalls are designed to handle
high volumes of network traffic efficiently and can offer
superior performance compared to software firewalls in terms
of throughput and scalability.
 Security Features: Hardware firewalls may include
advanced security features such as stateful packet inspection,
intrusion detection and prevention, VPN support, deep packet
inspection, and high availability (redundancy and failover).
2. Software Firewall:
 Form Factor: A software firewall is a piece of software that
runs on a computer or server, serving as a security application
installed on the operating system.
 Deployment: Software firewalls are deployed on individual
computers or servers, providing host-based protection for
specific devices or endpoints.
 Functionality: Software firewalls monitor and control
network traffic at the application layer of the OSI model,
allowing for more granular control and visibility into individual
applications and processes running on the host.
  Performance: Software firewalls may consume system
resources (CPU, memory) and can potentially impact the
performance of the host system, especially if running on
resource-constrained devices.
 Security Features: Software firewalls offer a range of
security features, including inbound and outbound traffic
filtering, application control, port blocking, logging and
reporting, and customizable security policies.

7. **Intrusion Detection and Prevention Systems (IDPS):**

- What is an Intrusion Detection System (IDS)? How does it differ from an Intrusion Prevention
System (IPS)?

- Give examples of how IDS and IPS can be implemented.

### Risk Management and Policies

8. **Risk Assessment:**

- What is risk assessment in the context of cybersecurity?

Cyber security risks pose a significant threat to a business’s ability to

function and remain profitable. To protect the business, organizations
implement a range of cyber security defenses designed to identify, detect,
and prevent various threats.

A cyber security risk assessment can test the effectiveness of an

organization’s cyber defenses and provide the security team with insight
regarding cyber risks and vulnerabilities.

- Explain the steps involved in conducting a risk assessment.

Conducting a risk assessment in cybersecurity involves a systematic

process of identifying, analyzing, and evaluating potential cybersecurity
risks and vulnerabilities that could impact an organization's information
assets, systems, operations, or reputation. Here's a step-by-step guide to
conducting a risk assessment:
1. Establish the Context:

 Define the scope and objectives of the risk assessment,

including the assets, systems, processes, and stakeholders to
be included.
 Identify the regulatory requirements, industry standards, and
organizational goals that will guide the risk assessment
process.

2. Identify Assets:

 Inventory and classify the organization's information assets,

including hardware, software, data, networks, and personnel.
 Identify critical assets and prioritize them based on their
value, sensitivity, and importance to the organization's
operations.

3. Identify Threats and Vulnerabilities:

 Identify potential cybersecurity threats and vulnerabilities that

could pose risks to the organization's assets.
 Consider internal and external threats, such as malware
infections, unauthorized access, insider threats, natural
disasters, and regulatory compliance failures.
 Use threat intelligence, historical data, industry trends, and
security assessments to identify known and emerging threats.

4. Assess Risks:

 Assess the likelihood and potential impact of identified

cybersecurity risks on the organization.
 Evaluate the likelihood of occurrence of each risk based on
factors such as historical data, threat intelligence, internal
controls, and external factors.
 Assess the potential impact of each risk in terms of financial
losses, operational disruptions, reputational damage,
regulatory fines, legal liabilities, and other adverse
consequences.

5. Quantify Risks:

 Quantify cybersecurity risks by assigning risk scores or ratings

to each identified risk based on its likelihood and potential
impact.
  Use quantitative and qualitative methods to estimate the
magnitude of each risk, allowing for comparison and
prioritization of risks based on their severity and importance.

6. Prioritize Risks:

 Prioritize cybersecurity risks based on their risk scores,

severity, likelihood, and potential impact on the organization.
 Consider the organization's risk tolerance, risk appetite, and
business objectives when prioritizing risks.
 Focus on addressing high-priority risks that pose the greatest
threats to the organization's assets, operations, and
reputation.

7. Develop Risk Mitigation Strategies:

 Develop risk mitigation strategies and controls to address and

manage identified cybersecurity risks effectively.
 Identify and implement technical controls (e.g., firewalls,
antivirus software, encryption), operational controls (e.g.,
access controls, security policies, incident response
procedures), and administrative controls (e.g., employee
training, security awareness programs, compliance audits).
 Allocate resources and assign responsibilities for
implementing risk mitigation measures based on the
prioritized risks and available resources.

8. Monitor and Review:

 Continuously monitor and review cybersecurity risks and

controls to ensure they remain effective and up-to-date.
 Regularly reassess and update the risk assessment to account
for changes in the threat landscape, technology environment,
business operations, and regulatory requirements.
 Adjust risk mitigation strategies and controls as needed to
address emerging threats, vulnerabilities, or changes in risk
exposure.

9. Document and Report:

 Document the results of the risk assessment, including the

identified risks, risk analysis findings, risk mitigation
measures, and risk management plans.
  Prepare risk assessment reports and communicate the
findings to senior management, stakeholders, regulatory
authorities, and other relevant parties.
 Use risk assessment reports to demonstrate the organization's
commitment to managing cybersecurity risks effectively and
to guide decision-making and resource allocation.

9. **Security Policies:**

- What are security policies and why are they important?

 Security policies help to ensure that all individuals are applying the
same standards. They outline what is considered appropriate and
inappropriate behavior, such as using company devices for personal
use or sharing passwords. They are also used to establish how
compliance is monitored and enforced.

- Describe the components of an effective security policy.

10. **Incident Response:**

- What is an incident response plan and why is it crucial for organizations?

- Outline the steps involved in an incident response process.

### Cybersecurity Frameworks and Standards

11. **Frameworks and Standards:**

- What are cybersecurity frameworks? Give examples (e.g., NIST, ISO/IEC 27001).

Cybersecurity frameworks are structured sets of guidelines, best practices,

standards, and methodologies designed to help organizations manage and
improve their cybersecurity posture. These frameworks provide a systematic
approach to identifying, protecting, detecting, responding to, and recovering
from cybersecurity threats and incidents.

1. NIST Cybersecurity Framework (CSF): Developed by the

National Institute of Standards and Technology (NIST), this
framework provides a voluntary, risk-based approach to managing
cybersecurity risk. It consists of five core functions: Identify, Protect,
Detect, Respond, and Recover.
2. ISO/IEC 27001: This is an international standard for information
security management systems (ISMS). It provides a systematic
 approach to managing sensitive company information, ensuring its
confidentiality, integrity, and availability.
3. CIS Controls: Developed by the Center for Internet Security (CIS),
this framework offers a prioritized set of actions to defend against
the most common cyber threats. It provides actionable guidance for
implementing cybersecurity best practices.
4. COBIT (Control Objectives for Information and Related
Technologies): Developed by the Information Systems Audit and
Control Association (ISACA), COBIT is a framework for governing and
managing enterprise IT environments. It provides a comprehensive
framework for managing information technology-related processes
and controls.
5. The Cybersecurity Capability Maturity Model (C2M2):
Developed by the Department of Energy (DOE), this framework
helps organizations assess and improve their cybersecurity
capabilities across various domains, including risk management,
incident response, and asset management.

- Explain the purpose of compliance standards such as GDPR, HIPAA, or PCI-DSS.

### Real-World Applications and Case Studies

12. **Case Studies:**

- Describe a well-known cyber attack (e.g., the WannaCry ransomware attack) and its impact.

- What lessons can be learned from major data breaches (e.g., Equifax, Target)?

13. **Best Practices:**

- What are some best practices for individuals to protect themselves online?

- Describe best practices for securing an organization’s network.

### Emerging Trends and Technologies

14. **Trends in Cybersecurity:**

- What are some emerging trends in cybersecurity (e.g., AI in cybersecurity, quantum encryption)?

- How are new technologies like blockchain being used in cybersecurity?

15. **IoT and Cybersecurity:**

 - What are the cybersecurity challenges associated with the Internet of Things (IoT)?

- How can IoT devices be secured?

### Practical Tasks

- Demonstrate setting up a basic firewall rule.

- Show how to create a strong password policy.

- Perform a basic encryption/decryption task using a tool like OpenSSL.

- Explain how to recognize and report a phishing attempt.

By preparing answers and practicing these topics, you'll be well-equipped for your viva on the basic
concepts of cybersecurity. Good luck!