Network Operations and Maintenance Basics: A Review

Disclaimer: This is the blogger's original article, licensed under CC 4.0 BY-SA. When reproducing it, please attach the original source link and this statement.
Original link: https://blog.csdn.net/qq_39166617/article/details/102722928

"Windows System Management"

1. What is the BIOS, and how do you enter it?
BIOS stands for Basic Input Output System. Typically you press DEL or F2 to enter the BIOS setup program.
2. What is a virtual machine?
A virtual machine is a software program running on a computer that simulates computer hardware and provides an independent computer environment for other software programs.
3. What are the operating modes of a virtual machine?
1) Hosted architecture
The virtual machine software is installed as an application on an operating system, and multiple operating systems can be installed on top of this application.
2) Native architecture
The virtual machine software is installed directly on the computer hardware; the virtual machine software itself is an operating system.
4. What are the role, composition, and classification of IP addresses?
1) Role: identifies the network address of a node.
2) Composition: network bits + host bits, 32 bits in total, written as four decimal numbers separated by ".".
3) Classes (by first octet):
A 1-127 network + host + host + host
B 128-191 network + network + host + host
C 192-223 network + network + network + host
D 224-239 multicast
E 240-254 research
4) Default subnet masks:
Class A 255.0.0.0
Class B 255.255.0.0
Class C 255.255.255.0
5. Private IP address range used by the alternate (fallback) configuration
169.254.0.1-169.254.255.254, subnet mask 255.255.0.0
6. Private address ranges
Class A 10.0.0.1 ~ 10.255.255.254
Class B 172.16.0.1 ~ 172.31.255.254
Class C 192.168.0.1 ~ 192.168.255.254
7. Common built-in user accounts
1) Administrator: the default administrator account. It cannot be deleted; renaming it is recommended for security.
2) Guest: disabled by default. It is intended for temporary use by users who have no account, and it has only limited privileges.
8. What does the ALP rule mean?
Add local user accounts to a local group, then assign permissions to the local group.
9. Common file systems
FAT, NTFS, EXT
10. How to access a shared folder
1) Browse through the network ("network discovery" must be enabled)
2) Use a UNC path: \\server address\share name
3) Map a network drive: net use H: \\server IP\share name
11. What is a printing device, and what is a printer?
1) Printing device (physical): also known as a physical printer; the hardware that does the printing.
2) Printer (logical): also known as a logical printer; the printing device as added to the system through software.
12. Advantages of dynamic disks
Strong scalability, high reliability, and higher read/write performance than basic disks.
13. Characteristics of the five dynamic volume types
Simple volume: 1 disk; capacity: all.
Spanned volume: 2 to 32 disks; capacity: all; performance: unchanged; fault tolerance: none.
Striped volume: 2 to 32 disks; capacity: all; performance: reads and writes greatly improved; fault tolerance: none.
Mirrored volume: 2 disks; capacity: half; performance: reads improve, writes degrade; fault tolerance: supported. The operating system is generally placed on this volume.
RAID-5 volume: 3 to 32 disks; capacity: number of disks minus 1; performance: reads improve, writes degrade; fault tolerance: supported, with faster reads. General data is usually stored on this volume.
"Windows Services and Security"
1. What is a domain?
A domain logically organizes the computers on a network so that they can be managed centrally; this centrally managed environment is called a domain.
2. What is a domain controller (DC)?
A domain has at least one domain controller. The domain controller holds the user accounts and the security database for the entire domain. A computer with Active Directory installed is known as a domain controller, and the domain administrator can control the behavior of every domain user.
3. Active Directory (AD)
Active Directory is a directory database that stores information about the objects in the entire Windows network. It is also a service, which can perform various operations on the data in the directory.
4. Default GPOs
Default Domain Policy
Default Domain Controllers Policy
5. Command to open the local security policy
secpol.msc
"Basic Network Construction"
1. What is the T568B wire order?
White-orange, orange, white-green, blue, white-blue, green, white-brown, brown
2. What are the structure and role of an IP address?
Structure: divided into network bits and host bits, distinguished by the subnet mask; 32 bits long.
Role: uniquely identifies a network device within a certain scope.
3. What are the structure and role of a MAC address?
Structure: the first half is the manufacturer code and the second half is a custom number; 48 bits long.
Role: globally and uniquely identifies a network hardware device.
4. What is the role of ARP?
It obtains the MAC address corresponding to an IP address, so that data frames can be encapsulated quickly.
5. What cable types are there, based on wire order?
Straight-through cable: both ends use the same wire order;
Crossover cable: one end uses the 568A wire order, the other end uses the 568B wire order;
Rollover cable: the wire order of the two ends is reversed.
6. When is a crossover cable used?
To connect devices of the same type.
7. What is switching?
Communication within the same subnet is called "switching".
8. What is the working principle of a switch?
1) Building the MAC address table
When the switch receives a data frame on a port, it associates the frame's source MAC address with the ingress port, forming a MAC address table entry.
2) Looking up the MAC address table
The switch compares the frame's destination MAC address with the MAC address table entries. If a matching entry is found, the frame is forwarded out of the port in that entry; if no matching entry is found, the frame is broadcast (sent out of every port other than the ingress port).
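The two steps above, learning from the source MAC and forwarding by the destination MAC, as an added example that is not part of the original article. The class name, port numbers and MAC addresses are constructed for illustration.

```python
# Added example: toy learning switch. Ports and MAC addresses are constructed.
BROADCAST = "ff:ff:ff:ff:ff:ff"


class LearningSwitch:
    def __init__(self, ports):
        self.ports = set(ports)
        self.mac_table = {}  # MAC address -> port it was last seen on

    def receive(self, in_port, src_mac, dst_mac):
        """Handle one frame and return the list of egress ports."""
        if in_port not in self.ports:
            raise ValueError(f"unknown port: {in_port}")

        # Step 1 (learn): bind the source MAC to the ingress port.
        # A host that moves to another port overwrites its old entry.
        self.mac_table[src_mac] = in_port

        # Step 2 (look up): find the destination MAC in the table.
        out_port = self.mac_table.get(dst_mac)
        if dst_mac == BROADCAST or out_port is None:
            # Broadcast or unknown destination: every port except the ingress.
            return sorted(self.ports - {in_port})
        if out_port == in_port:
            # Destination is on the port the frame came from: nothing to forward.
            return []
        return [out_port]


def demo():
    sw = LearningSwitch(ports=[1, 2, 3, 4])
    host_a, host_b = "00:00:5e:00:53:0a", "00:00:5e:00:53:0b"
    egress = [
        sw.receive(1, host_a, host_b),     # B not learned yet: flooded
        sw.receive(2, host_b, host_a),     # A was learned on port 1
        sw.receive(1, host_a, host_b),     # B was learned on port 2
        sw.receive(3, host_a, BROADCAST),  # A moved to port 3 and broadcasts
        sw.receive(2, host_b, host_a),     # the table followed the move
    ]
    return egress, dict(sw.mac_table)


if __name__ == "__main__":
    for ports in demo()[0]:
        print(ports)
```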
9. What is routing?
Communication between different network segments is called "routing".
10. What is the difference between TCP and UDP?
TCP connections are stable, but establishing a connection takes time and the delay is long;
UDP transmits data quickly, but data is easily lost and it is unstable.
11. What are the classes of IP addresses?
A: 0 ~ 127
B: 128 ~ 191
C: 192 ~ 223
D: 224 ~ 239
E: 240 ~ 255
"SME Network Construction"
Describe how STP works
By default, STP is enabled on the switch. After power-on, interconnected switches send and compare BPDUs, which ensures that there is only one shortest, loop-free layer 2 data path to any device in the network. The process is as follows:
# First, determine the switch roles: root switch and non-root switch;
# Second, determine the port roles: root port, designated port, and non-designated port;
# Finally, determine the port state: down, listening, learning, forwarding, blocking.
6. What is the election principle for the STP root switch?
It is determined by comparing the BID (bridge ID) of each switch. The priority is compared first, and a smaller value is better; the default value is 32768.
If the priorities are the same, the MAC addresses are compared, and a smaller value is better.
7. What are the Trunk link encapsulation protocols?
802.1Q and ISL.
The former is a public standard and adds 4 bytes to the original data;
the latter is a Cisco proprietary protocol and adds 30 bytes to the original data.
8. What is the working principle of a router?
After receiving a packet, the router matches the destination IP address in the IP header against the routing table entries. If a match is found, the packet is sent out of the corresponding interface; if the match fails, the packet is discarded.
9. What is a gateway?
The exit point a network uses when sending traffic to another network.
10. What is an SVI?
SVI stands for switch virtual interface. It is the layer 3 IP interface corresponding to a VLAN, and it is typically used as the gateway IP for all member hosts of that VLAN.
11. What are the types of STP?
802.1D: STP, Spanning Tree Protocol;
802.1W: RSTP, Rapid Spanning Tree Protocol;
802.1S: MSTP, Multiple Spanning Tree Protocol.
12. What is the STP convergence time?
30s ~ 50s
13. What are the port roles and port states in RSTP?
- Port roles
Root port, designated port, alternate port (the backup of the root port), backup port (the backup of the designated port)
- Port states
learning: learning state; forwarding: forwarding state; discarding: discarding state
14. What is the role of GVRP?
GVRP, the generic VLAN registration protocol, is a public protocol.
It is mainly used to synchronize VLAN information automatically between switches, so that the VLAN information in the switches' databases stays consistent.
15. What is the role of DHCP?
By setting up a DHCP server, IP addresses and other related parameters are assigned automatically to terminal hosts,
which enables batch allocation and management of IP addresses and improves management efficiency.
16. How many versions of RIP are there, and how does it work?
RIP is divided into RIPv1 and RIPv2.
Principle:
Once RIP is running on a router, it periodically sends update messages on the ports where the RIP process is enabled, ensuring that the RIP databases stored on the routers are fully synchronized.
After receiving RIP packets, the router places them in the RIP database and selects the best route entries for the routing table. When the network changes, RIP quickly sends update messages to inform the other RIP routers,
which keeps communication across the whole network stable.
"Construction of a Large Enterprise Network"
6. What is the OSPF working process?
# First, establish the OSPF adjacency table;
# Second, synchronize the OSPF database;
# Finally, calculate the OSPF routing table.
7. What are the states in establishing an OSPF neighbor?
# Down: OSPF is not enabled on the port;
# Init: initialization state;
# Two-Way: bidirectional communication state;
# ExStart: exchange initialization state;
# Exchange: exchange state;
# Loading: loading state;
# Full: adjacency state.
8. Which OSI layer does OSPF belong to, how is it identified, and what packet types does it have?
OSPF is an OSI layer 3 protocol, with protocol number 89.
The packet types are:
Hello: hello packets, used to establish, maintain, and tear down neighbor relationships;
DBD: database description packets, used for reliable database synchronization;
LSU: link state update packets, used to transmit database entries;
LSR: link state request packets, used to request database entries;
LSAck: link state acknowledgment packets, used to acknowledge LSU and LSR packets so that packets are delivered reliably.
9. How large is the IPv6 address space, and how are addresses written?
An IPv6 address is 128 bits long, so the address space is 2 to the power of 128.
Notation: colon-separated hexadecimal.
10. What is the role of an OSPF virtual link?
An OSPF virtual link connects a non-backbone area to area 0.
11. What special areas does OSPF have?
Stub area
Totally stub area
NSSA area
Totally NSSA area
"Advanced Routing, Switching, and Security"
1. Which layer of the OSI model does BGP belong to?
BGP sits at OSI layer 7 and uses TCP port 179.
2. What is the role of BGP?
It is mainly used for flexible route control between different networks.
3. What is BGP's internal loop-prevention mechanism?
IBGP split horizon: routes received from an IBGP neighbor are not passed on to other IBGP neighbors.
4. What are the solutions to IBGP split horizon?
# First solution: IBGP neighbor full mesh;
# Second solution: IBGP confederation;
# Third solution: IBGP route reflector.
5. Which tables does BGP contain?
# BGP neighbor table
# BGP database
# BGP routing table
6. What is the role of QoS?
It classifies network traffic according to certain rules and reserves and guarantees bandwidth for that traffic, so that the traffic of interest is forwarded through the network efficiently and with low latency.
7. Outline the contents of the five-tuple in the ASA firewall conn table
Source IP address, destination IP address, source port number, destination port number, and protocol (TCP/UDP)
8. Default rule for access between the inside and outside interfaces of an ASA firewall
Outbound connections are allowed; inbound connections are blocked.
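How answers 7 and 8 fit together, as an added example that is not part of the original article and is not ASA code: a toy connection table keyed by the five-tuple, showing why a reply to an outbound connection passes while unsolicited inbound traffic is blocked. The names ConnTable and FiveTuple and all addresses are constructed; NAT, TCP state tracking and timeouts are left out.

```python
# Added example: toy model of a stateful firewall's connection table.
from collections import namedtuple

# The five-tuple from the text: addresses, ports and protocol.
FiveTuple = namedtuple("FiveTuple", "src_ip dst_ip src_port dst_port proto")


class ConnTable:
    def __init__(self):
        self.entries = set()  # five-tuples recorded in the outbound direction

    @staticmethod
    def _reverse(t):
        # Return traffic has source and destination swapped, same protocol.
        return FiveTuple(t.dst_ip, t.src_ip, t.dst_port, t.src_port, t.proto)

    def handle(self, ingress, pkt):
        """ingress is 'inside' or 'outside'; returns 'permit' or 'deny'."""
        if ingress == "inside":
            # Default rule: outbound connections are allowed and recorded.
            self.entries.add(pkt)
            return "permit"
        if ingress == "outside":
            # Default rule: inbound is blocked unless it is the reply
            # to a connection already recorded in the table.
            return "permit" if self._reverse(pkt) in self.entries else "deny"
        raise ValueError(f"unknown interface: {ingress}")

    def close(self, pkt):
        # Connection finished: its entry is removed.
        self.entries.discard(pkt)


def demo():
    fw = ConnTable()
    out = FiveTuple("10.1.1.10", "203.0.113.5", 40000, 443, "tcp")
    reply = FiveTuple("203.0.113.5", "10.1.1.10", 443, 40000, "tcp")
    other_host = reply._replace(src_ip="203.0.113.9")
    other_proto = reply._replace(proto="udp")
    verdicts = [
        fw.handle("inside", out),           # outbound connection
        fw.handle("outside", reply),        # matching reply
        fw.handle("outside", other_host),   # same ports, different sender
        fw.handle("outside", other_proto),  # same addresses, different protocol
    ]
    fw.close(out)
    verdicts.append(fw.handle("outside", reply))  # late packet after close
    return verdicts


if __name__ == "__main__":
    print(demo())
```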
9. Briefly describe the concept and function of the DMZ
The DMZ is called the "isolation zone", also the "demilitarized zone".
It is a zone located between the internal network and the external network, in which servers that must be publicly reachable can be placed, for example
web servers, FTP servers, and forums.
10. Describe the effect of the following configuration commands
ASA(config)# object network inside
ASA(config-network-object)# subnet 10.1.1.0 255.255.255.0
ASA(config-network-object)# nat (inside,outside) dynamic 172.16.1.200
Dynamic PAT on the ASA firewall
11. Describe the default security zones of a Huawei firewall
Untrust (untrusted zone): security level 5, commonly used to define Internet traffic.
DMZ (demilitarized zone): security level 50, typically used to define the zone where servers reside.
Trust (trusted zone): security level 85, commonly used to define the zone where the internal network resides.
Local (local zone): security level 100. It mainly defines traffic initiated by the device itself and traffic destined for the device itself, for example Telnet, SNMP, NTP, and IPsec VPN traffic.
"Network Security"
1. Briefly describe DoS attacks
DoS (Denial of Service) means that, by whatever means, the ultimate goal is to make the system crash or freeze so that it can no longer provide normal service or access to resources.
DoS attacks commonly take the form of floods, such as SYN Flood and Ping Flood.
A SYN Flood abuses the TCP three-way handshake by sending a large number of SYN packets with forged source IP addresses. For each SYN it receives, the server must allocate a half-open connection entry in the kernel and place it in the connection queue in memory, then return a SYN+ACK to the source address and wait for the source to return an ACK. Because the source address is forged, the source never returns an ACK. If too many SYNs are received in a short time, the half-open connection queue overflows and the operating system discards some connection information, so SYN requests sent by normal clients connecting to the server are discarded.
A Ping Flood sends a large number of packets to the target, congesting the target's network and exhausting its bandwidth so that it cannot provide normal service.
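The server-side effect described above, as an added example that is not part of the original article: a small model of the half-open queue that shows a legitimate SYN being dropped while the queue is full, plus the ratio of never-acknowledged handshakes that a defender can watch. The function names, backlog size, timeout and event list are constructed; real kernels differ in detail.

```python
# Added example: model of a server's half-open (SYN received) queue.

def simulate(events, backlog=3, timeout=5):
    """events: (time, source, kind) tuples sorted by time, kind 'SYN' or 'ACK'.
    Returns (established, dropped, expired) as lists of source addresses."""
    half_open = {}  # source -> time its SYN arrived (SYN+ACK sent, ACK pending)
    established, dropped, expired = [], [], []
    for now, src, kind in events:
        # Entries whose ACK never arrived are removed after `timeout` seconds.
        for s, t0 in list(half_open.items()):
            if now - t0 >= timeout:
                del half_open[s]
                expired.append(s)
        if kind == "SYN":
            if src in half_open:
                continue                # retransmitted SYN, already queued
            if len(half_open) >= backlog:
                dropped.append(src)     # queue full: the request is discarded
            else:
                half_open[src] = now
        elif kind == "ACK" and src in half_open:
            del half_open[src]          # handshake completed
            established.append(src)
    return established, dropped, expired


def unanswered_ratio(established, expired):
    """Share of handshakes that never completed; high values indicate a flood."""
    total = len(established) + len(expired)
    return len(expired) / total if total else 0.0


# Constructed sample: three SYNs whose sources never answer, one real client.
EVENTS = [
    (0, "203.0.113.1", "SYN"),
    (0, "203.0.113.2", "SYN"),
    (0, "203.0.113.3", "SYN"),
    (1, "198.51.100.7", "SYN"),  # real client arrives while the queue is full
    (6, "198.51.100.7", "SYN"),  # client retries after the stale entries expire
    (7, "198.51.100.7", "ACK"),
]

if __name__ == "__main__":
    est, drop, exp = simulate(EVENTS)
    print("established:", est)
    print("dropped:", drop)
    print("expired:", exp)
    print("unanswered ratio:", unanswered_ratio(est, exp))
```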
2. Describe the definition of a VPN
A VPN (Virtual Private Network) is a protected connection established between two network entities. The two entities can be connected directly over a point-to-point link, or they can be connected via the Internet.
3. Describe asymmetric encryption algorithms
An asymmetric encryption algorithm uses two different keys, a public key and a private key, for encryption and decryption. Data encrypted with one key can only be decrypted with the other key, and one key cannot be derived from the other.
4. Briefly describe IPSec VPN phase 1 and phase 2
IPSec VPN uses ISAKMP/IKE phase 1 to build a secure management connection. This management connection is only preparatory work; it is not used for the actual data transfer. Before configuring the device, you need to be clear about how authentication is performed, which encryption and authentication algorithms to use, and which DH group to use.
ISAKMP/IKE phase 2 establishes a secure data connection, which is used to transmit the real user data. Before configuring, you need to be clear about which security protocol to use, which authentication or encryption algorithm to use for that security protocol, and the data transmission mode (tunnel mode or transport mode).
5. Briefly describe the ISAKMP/IKE phase 2 security protocols
The ISAKMP/IKE phase 2 security protocols are AH and ESP.
AH provides authentication only, with no encryption; ESP provides both authentication and encryption.
6. Briefly describe IDS and IPS
An intrusion detection system (IDS) detects intrusions (raises alarms) but does not take any corresponding action.
An intrusion prevention system (IPS) detects intrusions and takes corresponding action to prevent them.
"Cloud Host Management and Maintenance"
1. Use nmcli to create a new connection and configure a static IP address and other parameters
nmcli connection add con-name "connection name" ifname "interface name" type ethernet
nmcli connection modify "connection name" ipv4.method manual ipv4.addresses "IP address/mask length default gateway"
nmcli connection modify "connection name" ipv4.dns DNS-server-address connection.autoconnect yes
nmcli connection up "connection name"
2. Describe the purpose of the Linux directories /, /boot, /home, /root, /bin, /dev, /etc.
/: the root directory of the entire Linux file system
/boot: stores the system kernel, the boot menu configuration, and related files
/home: stores ordinary users' default home directories (subdirectories with the same name as the user)
/root: the administrator's home directory
/bin, /sbin: store system commands and executable programs
/dev: stores the various device files
/etc: stores the various system configuration files and system service configuration files
3. What do the wildcards on the Linux command line do?
*: any number of arbitrary characters
?:

vim /etc/yum.conf
gpgcheck=0 // disable package signature checking
yum-config-manager --add-repo repository-URL // add a new repository configuration
yum repolist // confirm the repository list
5. How to set a document's ownership and access permissions
Set document ownership:
chown -R owner:group document...
chown -R owner document...
chown -R :group document...
Set document permissions:
chmod -R ugoa+-=rwx document...
6. Outline the process of deploying a vsftpd server on a CentOS-series Linux host
1) Install the software package
yum -y install vsftpd
2) Configuration
useradd username // add a login account for the FTP user
passwd username // set the login password for the user
3) Start the service
systemctl restart vsftpd // start the service
systemctl enable vsftpd // set the service to start automatically at boot
7. What does a RAID array mean? Compare the characteristics of the RAID0, RAID1, RAID10, RAID5, and RAID6 levels.
RAID0: striping mode, at least two disks; efficiency is improved through concurrent reads and writes
RAID1: mirroring mode, at least two disks; reliability of the disk device is improved through mirroring
RAID10: striping + mirroring mode, equivalent to RAID1 + RAID0, at least four disks; read efficiency and reliability are both higher
RAID5: cost-effective mode, at least three disks; one disk's capacity is used to store parity data for recovery
RAID6: equivalent to an extended version of RAID5, at least four disks; two disks' capacity is used to store parity data for recovery
8. In the httpd server configuration, how do you quickly add a new virtual host?
1) Create a separate configuration file for each virtual host in the /etc/httpd/conf.d/ directory; the file name must end in .conf
2) Configure a <VirtualHost IP address:port number> ... </VirtualHost> section, in which the
ServerName statement specifies the domain name and the DocumentRoot statement specifies the web page directory
3) Then restart the httpd service
9. The difference between static and dynamic web pages, and what the httpd platform needs in order to support PHP programs
Static page: the web page file the browser receives is the file provided on the server
Dynamic page: the web page file the browser receives is generated dynamically by a program specified on the server
PHP support: install the httpd and php packages
10. Outline the process of deploying the company's website to Alibaba Cloud ECS. ECS is Alibaba Cloud's elastic compute service, also known as a cloud server.
Procedure for moving a site to an ECS cloud server:
1) Register an Alibaba Cloud account
2) Purchase an overseas ECS server, billed by usage or by subscription duration, and configure the security group policy to open port 80
3) Purchase a domain name and set it to resolve to the public IP address of the purchased ECS
4) Complete the site's record filing (optional)
5) Prepare the corporate website files and upload them to the web directory of the ECS server
6) Access the corporate website from the Internet via the domain name
 
