IBM Q & Ans
-
Upload
sujeet-singh -
Category
Documents
-
view
225 -
download
0
Transcript of IBM Q & Ans
-
8/3/2019 IBM Q & Ans
1/24
Hi Sam,
if everyone can contribute then i will put forward some valuable questions asked for me in my interviews.
i am looking for some questions answers .so please contribute to this.
Questions asked in for my ibm interview
1)what are the disk types used in a two node cluster?2)where are the quorum information stored in a cluster?3)is there any 3 node cluster available,if so which one that? N node majority set where we can have quorum onthree nodes4)how can we add group policy to a group of 100 users in a domain? apply group policy to a group other thanusing OU? he is telling like we can do that practically ---- no idea5)we have a domain set with 10 dcs and all are initially windows mixed mode.i have the system state backupand finally I raised the functional level to 2003.suddenly one of my dc goes down how can I restore the dcfrom that backup?6)what are the different types of cluster available?7)how many ips are required for 3 node cluster? What are they?8)what is the difference between 2003 and 2008 dns?9)what is ADDS and ADLDS WHERE WE ARE USING IN WINDOWS 2008?10)HOW WE WILL ADD unique wall paper for set of users/11)how we will enable auditing for a set of users login to domain and where we will do that?12)how the policy are apllied in ADthe levels?13)what are the difference between windows 2003 and windows 2008?14)how the change management is done in our work?15)what are the relevant things we have to take care when we performing a change?16)what we will do in case of an emergency where CAB is difficult to call for ?17)what is application directory partition and please mention any other incident of an application directorypartition we are having other than dns?18) where we will do the replication thing in domain?19)what is service activation and deactivation kind of jobs?20)what we need to do for server builds related to software repositorys?21)when service pack 2 is not working in 2003,how we will trouble shoot that to msake that to install inwindows?22)mention any critical issue you face while doing the server build?23)what are relevnt things you need to collect before performing any server buid other that os softwares?24)how you will trouble shoot whether the cluster is working or not?25)where we will place the quorum in a cluster?26)what is AD and DC?
how to find the dc where client authentication is carried on?
ans:nltest /dsgetdc:domainname
how to find what happened to the server which rebooted when we verify application log to find an application?
ans : try to reboot the server and log in safemode to find the root cause -- any other suggestions
questions asked in accenture interview
what is change management?
What sort of activity you are doing related to change management in your company?
-
8/3/2019 IBM Q & Ans
2/24
What is release management?
How we will troubleshoot problems with password for users in AD?
How we will troubleshoot login problems for users in AD?
What are the general concepts related to ISO standards in IT expecially ISO27000?
What are the roles used in AD?
What is stub zone in dns and whether the database is Read only or R/W?
What is dhcp and what is its working process?
What is the upstream and downstream in WSUS?
What is the data size of LTO 3------- 400/800 GB ,LTO 4--------- 800/1600 GB?
What is the port used by the clients to push patches from a WSUS server -------- 80 ?
Whether forwarders are available for use in windows 2000? --------- NO
What is incident management?
interview questions asked in first american corporation
1)what are main differences between 2003 and 2008 AD(mention any 3)
2)where is the logfiles of iis 6 located?
3)what is meant by basic and windows authentication?
4)what are the main resources we are used for a file server cluster.
5)Wnere is the cluster database file lcated
6)What is the name of the load balancer device used here? Ab director
7)How we will direct the client authentication to another dc?
Ans:
Problem
The following question was posted in the Technical Q&A by NateH:
"I have a client that has two physically separate buildings. They have a T1 connection between the two andhave been running with one server for both buildings. Building 1 is on subnet 10.0.0.0 and building 2 is on10.1.0.0. I am setting up a domain controller in the second building and was wondering how to configure theclients so that they logon/authenticate via that second DC rather than the first DC [across the WAN link]. Do Ineed to set it up as a second site [in Active Directory], or can I set it up as the same site?"
Solution
-
8/3/2019 IBM Q & Ans
3/24
An excellent explanation was provided by BFilmFan (one of the most of the most prolific posters in theTechnical Q&A):
"You should create an Active Directory site for building 2 and associate it with the subnet 10.1.0.0. Clientslocate a domain controller based upon their site information. There is a fairly thorough explanation of this onMicrosoft's site. Job Aids for Windows 2003 has a worksheet that will probably impress the management
folks. And an example of planning domain controller placement can be found here."
8)what do you meant by authoritative and non authoritative restore how we will perform non authoritativerestore?
10)whether we can the VMware files in hyperv?
11)domain rename can be done in windows 2003 or not?
12)what do you mean by scope?
13)what is stub zone in dns?
14)why we configuring subnets under sites?
15)how we will configure round robin win windows DNS?
What we have to do when we face a problem when we are installing sp2 on windows server 2003Problem:
Microsoft Server 2003 Small Business Server (SBS) Service Pack 2 Failed to install catalog files.Failed to install catalog files error.Windows Server 2003 has been partially updated and may not work properly.
Solution 1:
1. Click Start -> Run and type "cmd" (without quotes) and press Enter.2. Run this command in the command prompt: Net stop Cryptsvc3. Go to C:\Windows\system32\catroot2 and rename Edb.log to Edb.txt.4. Click Start -> Run and type "cmd" (without quotes) and press Enter.5. Run this command: Net start Cryptsvc6. Reboot the server.7. Install the Service Pack 2 (Win 2003 SP2) again.There is a chance that you may get the error again. If so, go to Solution 2.
Solution 2:
1. Create a folder on the desktop and name it "temp" (without quotes.)2. Go to C:\Windows\system32\CatRoot folder.3. Press "F3" on your keyboard (Search the folder for files/directories.)
4. Search for "tmp*.cat, KB*.cat" (without quotes.) Make sure you search for all files and folders in CatRootfolder.5. Move all the files to temp folder on the desktop.6. Reboot the system.7. Install Windows Server 2003 Service Pack 2 again after the server restarts.
Interview questions asked (HP)
-
8/3/2019 IBM Q & Ans
4/24
1)what are main difference between 2000 and 2003 DNS?
2)what the event iDS 2020 and 2019 represents?
3)What are the debugging tools using for troubleshooting the memory dumps files in windows?
4)what is the name of the debugging tools used troubleshooting memory dumps?
5)how we will troubleshoot clustering in windows 2003?
6)what is the importance of pdc emulater ?
7)what are remote management tools used for HP,dell and ibm? Ilo ,drac and ??/
8)what will do to trouble shoot memory dump errors?
9)what is conditional forwarding in dns?
please add answers to these questions and we will discuss this in detail.also put forward others experience
#5LifeMember
Members
58 posts
Gender:Male
Location:india
Posted 08 June 2010 - 05:27 PM
more to come..
Interview questions and answers-------- updating
1)what are the disk types used in a two node cluster?
Single quorum device cluster, also called a standard quorum cluster
Single Quorum Device Cluster The most widely used cluster type is the single quorum device cluster, also called the standard
quorum cluster. In this type of cluster there are multiple nodes with one or more cluster disk arrays,
also called the cluster storage, and a connection device, that is, a bus. Each disk in the array is
owned and managed by only one server at a time. The disk array also contains the quorum
resource. The following figure illustrates a single quorum device cluster with one cluster disk array.
Single Quorum Device Cluster
2) where are the quorum information stored in a cluster?
http://www.sadikhov.com/forum/index.php?/topic/178656-system-administrator-ad-interview-question/page__view__findpost__p__884904http://www.sadikhov.com/forum/index.php?/topic/178656-system-administrator-ad-interview-question/page__view__findpost__p__884904http://www.sadikhov.com/forum/index.php?/user/34801-life/http://www.sadikhov.com/forum/index.php?/user/34801-life/http://www.sadikhov.com/forum/index.php?/user/34801-life/http://www.sadikhov.com/forum/index.php?/user/34801-life/http://www.sadikhov.com/forum/index.php?/topic/178656-system-administrator-ad-interview-question/page__view__findpost__p__884904 -
8/3/2019 IBM Q & Ans
5/24
A quorum is the clusters configuration database.
The database resides in a file named \MSCS\quolog.log. The quorum is sometimes also referred to
as the quorum log.
If the error message occurs after you restore the system state on a computer that has lost the
quorum log, the quorum information is copied to %SystemRoot%\Cluster\Cluster_backup. You can
use the Clusrest.exe tool from the Resource Kit to restore this information to the quorum disk.
Although the quorum is just a configuration database, it has two very important jobs. First of all, ittells the cluster which node should be active.
The quorum tells the cluster which node is currently active and which node or nodes are in stand by.
In Windows Server 2003, Microsoft introduced a new type of quorum called the Majority Node Set
Quorum (MNS).
The thing that really sets a MNS quorum apart from a standard quorum is the fact that each node
has its own, locally stored copy of the quorum database.
Although MNS quorums offer some interesting possibilities, they also have some serious limitations
that you need to be aware of. The key to understanding MNS is to know that everything works based
on majorities. One example of this is that when the quorum database is updated, each copy of the
database needs to be updated. The update isnt considered to have actually been made until over
half of the databases have been updated ((number of nodes / 2) +1). For example, if a cluster has
five nodes, then three nodes would be considered the majority. If an update to the quorum was
being made, the update would not be considered valid until three nodes had been updated.
Otherwise if two or fewer nodes had been updated, then the majority of the nodes would still have
the old quorum information and therefore, the old quorum configuration would still be in effect.
3)Is there any 3 node cluster available, if so which one that?
Majority Node set where we can have quorum on three nodes.
One of the most important things to know about MNS is that you must have at least three nodes in
the cluster.
Remember that a majority of nodes must be running at all times. If a cluster only has two nodes,
then the majority is calculated to be 2 ((2 nodes / 2) +1)-2. Therefore, if one node were to fail, the
entire cluster would go down because it would not have quorum.4)how can we add group policy to a group of 100 users in a domain?Apply group policy to a group
other than using OU? he is telling like we can do that practically ---- no idea
Normally we will assign it through OU.We will put these users in that specific OU and apply policy to
that OU.
In order to apply Group Polices to specific users or computers, you add users (or groups) and
computers to container objects. Anything in the container object will then get the policies linked to
that container. Sites, Domains and OUs are considered container objects.
Computer and User Active Directory objects do not have to put in the same container object. For
example, Sally the user is an object in Active Directory. Sally's Windows 2000 Pro PC is also an
object in Active Directory. Sally the user object can be in one OU, while her computer object can beanother OU. It all depends on how you organize your Active Directory structure and what Group
Policies you want applied to what objects.
Reference: http://www.svrops.co...s/gpolicies.htm
5)we have a domain set with 10 dcs and all are initially windows mixed mode.i have the system state
backup and finally I raised the functional level to 2003.suddenly one of my dc goes down how can I
restore the dc from that backup?
http://www.svrops.com/svrops/documents/gpolicies.htmhttp://www.svrops.com/svrops/documents/gpolicies.htm -
8/3/2019 IBM Q & Ans
6/24
What I have answered is no need to use the backup. We have to reinstall a new dc with same name
and connect with the existing setup as after replication data will get update to each other
If any problem with that then need cleanup the device info from the AD database and do the same
as all dcs are peers.
6)what are the different types of cluster available?
three different types of server clusters:
Single quorum device cluster, also called a standard quorum cluster Majority node set cluster
Local quorum cluster, also called a single node cluster
Single Quorum Device Cluster
The most widely used cluster type is the single quorum device cluster, also called the standard
quorum cluster. In this type of cluster there are multiple nodes with one or more cluster disk arrays,
also called the cluster storage, and a connection device, that is, a bus. Each disk in the array is
owned and managed by only one server at a time. The disk array also contains the quorum
resource. The following figure illustrates a single quorum device cluster with one cluster disk array.
Single Quorum Device Cluster
Because single quorum device clusters are the most widely used cluster, this Technical Reference
focuses on this type of cluster.
Majority Node Set Cluster
Windows Server 2003 supports another type of cluster, the majority node set cluster. In a majority
node set cluster, each node maintains its own copy of the cluster configuration data. The quorum
resource keeps configuration data consistent across the nodes. For this reason, majority node set
clusters can be used for geographically dispersed clusters. Another advantage of majority node set
clusters is that a quorum disk can be taken offline for maintenance and the cluster as a whole will
continue to operate.
The major difference between majority node set clusters and single quorum device clusters is that
single quorum device clusters can operate with just one node, but majority node set clusters need to
have a majority of the cluster nodes available for the server cluster to operate. The following figure
illustrates a majority node set cluster. For the cluster in the figure to continue to operate, two of thethree cluster nodes (a majority) must be available.
Majority Node Set Cluster
This Technical Reference focuses on the single quorum device cluster.
Local Quorum Cluster
A local quorum cluster, also called a single node cluster, has a single node and is often used for
testing. The following figure illustrates a local quorum cluster.
Local Quorum Cluster
7)how many ips are required for 3 node cluster? What are they?
Scenario supporting above questionsIn a hypothetical scenerio:
I want 4 node, active/active/active/active cluster.
There are 4 sql instances installed on each node, with name SQLInstance1....
SQLInstance4
My questions:
-
8/3/2019 IBM Q & Ans
7/24
1) Can I use just one virtual name, for example SQLVirtualServer and clients
can access sql instances in format SQLVirtualServer\InstnaceName? Or Do I
need to create separate pair or virtual name/IP for each sql instance?
How many total IP addresses/hostnames I will need in 4 nodes/instances
cluster?
2) Each instance will be active on one node and other three nodes will in
stand by mode for that instance? Or there can be only on node in stand by for
each instance?
3) if there can be multiple nodes stand by, how it is determined which node
will take over in case of a failure?
Ans: Each instance must be installed in a unique virtual server.
Virtual names must be unique and instance names must be unique.
You will need 9 names and IP addresses;
One for each node (4)
One for each instance(4)
and one for the cluster itself(1)
Instances and nodes are independent entities. You can spread instances
across all the nodes or stack them together. Note that instances do not
have to consume an entire node.
Clustering chooses the least loaded node to failover to or you can set a
preferred failover order per instance.
I suggest building a virtual guest cluster and playing with clustering to
get the concepts down before you try and design a production system.
8)what is the difference between 2003 and 2008 dns?
Top 10 new features in Windows Server 2008
1. The self-healing NTFS file system
2. Parallel session creation
3. Clean service shutdown
4. Kernel Transaction Manager
5. SMB2 network file system
6. Address Space Load Randomization (ASLR)
7. Windows Hardware Error Architecture (WHEA)8. Windows Server Virtualization
9. PowerShell
10. Server Core
^ Windows Server 2008 R2 supports DNSSEC, however dynamic DNS is not supported for
DNSSEC-signed zones. For earlier versions including Windows Server 2003, DNSSEC functionality
must be manually activated in the registry. In these versions, the DNSSEC support is sufficient to act
as a slave/secondary server for a signed zone, but not sufficient to create a signed zone (lack of key
-
8/3/2019 IBM Q & Ans
8/24
generation and signing utilities).
^ IPv6 functionality in the Microsoft DNS server is only available on Windows Server 2003 and
newer.
Prior to Windows Server 2003 and Microsoft Windows 2000 Service Pack 3, the most common
problem encountered with Microsoft's DNS server was cache pollution. Although Microsoft's DNS
Server had a mechanism for properly dealing with cache pollution, the mechanism was turned off by
defaultIn 2004, a common problem involved the feature of the Windows Server 2003 version of Microsoft's
DNS server to use EDNS0, which a large number of firewalls could not cope with. [3]
What's New in DNS in Windows Server 2008
Windows Server 2008 provides a number of enhancements to the DNS Server service that
improve how DNS performs.
Overview of the Improvements in DNS
The DNS Server role in Windows Server 2008 contains four new or enhanced features that improve
the performance of the DNS Server service or give it new abilities:
Background zone loading: DNS servers that host large DNS zones that are stored in Active
Directory Domain Services (AD DS) are able to respond to client queries more quickly when they
restart because zone data is now loaded in the background.
IP version 6 (IPv6) support: The DNS Server service now fully supports the longer addresses of the
IPv6 specification.
Support for read-only domain controllers (RODCs): The DNS Server role in Windows Server 2008
provides primary read-only zones on RODCs.
Global single names: The GlobalNames zone provides single-label name resolution for large
enterprise networks that do not deploy Windows Internet Name Service (WINS). The GlobalNames
zone is useful when using DNS name suffixes to provide single-label name resolution is not
practical.
Global query block list: Clients of such protocols as the Web Proxy Auto-Discovery Protocol
(WPAD) and the Intra-site Automatic Tunnel Addressing Protocol (ISATAP) that rely on DNS name
resolution to resolve well-known host names are vulnerable to malicious users who use dynamic
update to register host computers that pose as legitimate servers. The DNS Server role in WindowsServer 2008 provides a global query block list that can help reduce this vulnerability.
What are the major changes in dns for windows 2008 R2?
Support for Domain Name System Security Extensions (DNSSEC) is introduced in Windows
Server 2008 R2 and Windows 7. With Windows Server 2008 R2 DNS server, you can now sign
and host DNSSEC-signed zones to provide security for your DNS infrastructure.
The following changes are available in DNS server in Windows Server 2008 R2:
Ability to sign a zone and host signed zones.
Support for changes to the DNSSEC protocol.
Support for DNSKEY, RRSIG, NSEC, and DS resource records.
The following changes are available in DNS client in Windows 7:
Ability to indicate knowledge of DNSSEC in queries.
Ability to process the DNSKEY, RRSIG, NSEC, and DS resource records. Ability to check whether the DNS server with which it communicated has performed validation on
the clients behalf.
The DNS clients behavior with respect to DNSSEC is controlled through the Name Resolution
Policy Table (NRPT), which stores settings that define the DNS clients behavior. The NRPT is
typically managed through Group Policy.
What does DNSSEC do?
DNSSEC is a suite of extensions that add security to the DNS protocol. The core DNSSEC
-
8/3/2019 IBM Q & Ans
9/24
extensions are specified in RFCs 4033, 4034, and 4035 and add origin authority, data integrity, and
authenticated denial of existence to DNS. In addition to several new concepts and operations for
both the DNS server and the DNS client, DNSSEC introduces four new resource records (DNSKEY,
RRSIG, NSEC, and DS) to DNS.
In short, DNSSEC allows for a DNS zone and all the records in the zone to be cryptographically
signed. When a DNS server hosting a signed zone receives a query, it returns the digital signatures
in addition to the records queried for. A resolver or another server can obtain the public key of thepublic/private key pair and validate that the responses are authentic and have not been tampered
with. In order to do so, the resolver or server must be configured with a trust anchor for the signed
zone, or for a parent of the signed zone.
DNS Devolution
Published: October 21, 2009
Devolution is a behavior in Active Directory environments that allows client computers that are
members of a child namespace to access resources in the parent namespace without the need to
explicitly provide the fully qualified domain name (FQDN) of the resource.
With devolution, the DNS resolver creates new FQDNs by appending the single-label, unqualified
domain name with the parent suffix of the primary DNS suffix name, and the parent of that suffix,
and so on, stopping if the name is successfully resolved or at a level determined by devolution
settings.
For example, if the primary DNS suffix is central.contoso.com and devolution is enabled with a
devolution level of two, an application attempting to query the host name emailsrv7 will attempt to
resolve emailsrv7.central.contoso.com and emailsrv7.contoso.com. If the devolution level is three,
an attempt will be made to resolve emailsrv7.central.contoso.com, but not emailsrv7.contoso.com.
Devolution is not enabled in Active Directory domains when the following conditions are true:
1. A global suffix search list is configured using Group Policy.
2. The Append parent suffixes of the primary DNS suffix check box is selected on the DNS tab in the
Advanced TCP/IP Settings for IPv4 or IPv6 Internet Protocol (TCP/IP) Properties of a client
computers network connection.
9)what is AD DS and ADLDS WHERE WE ARE USING IN WINDOWS 2008?
AD DS is the active directory domain servicesActive Directory Application Mode (ADAM) is a light-weight implementation of Active Directory.
ADAM is capable of running as a service, on computers running Microsoft Windows Server 2003 or
Windows XP Professional. ADAM shares the code base with Active Directory and provides the same
functionality as Active Directory, including an identical API, but does not require the creation of
domains or domain controllers.
Like Active Directory, ADAM provides a Data Store, which is a hierarchical datastore for storage of
directory data, a Directory Service with an LDAP Directory Service Interface. Unlike Active Directory,
however, multiple ADAM instances can be run on the same server, with each instance having its
own and required by applications making use of the ADAM directory service.
In Windows Server 2008, ADAM has been renamed AD LDS (Lightweight Directory Services).[15]
Active Directory Lightweight Directory Services
Active Directory Lightweight Directory Services (AD LDS) provides directory services for directory-enabled applications. AD LDS does not require or rely on Active Directory domains or forests. AD
LDS was previously known as Active Directory Application Mode (ADAM).
10)HOW WE WILL ADD unique wall paper for set of users/
If you run a company, you might want to set your company logo or any particular wallpaper on all of
your users' desktops. On the other hand, if you use a single system you might still want to have your
desired wallpaper on Desktop and it really annoys when someone changes the wallpaper.
So if you are tired from people changing the wallpaper and want to prevent users from changing it
-
8/3/2019 IBM Q & Ans
10/24
everyday, then this tutorial will help you.
In this tutorial, you'll learn a way to set your desired wallpaper on Desktop and no one will be able to
change it neither from Desktop Properties nor by right-clicking on an image and select "Set as
Desktop Background".
So here we start our tutorial:
1. Type regedit in RUN dialog box or Startmenu Search box and press Enter. It'll open registry
Editor.2. Now go to following key:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies
3. Under "Policies" key, create a new key "System". It might already exist in some systems.
4. Now select "System" key and in right-side pane, create a new STRING value Wallpaper and set
its value to the exact path of your desired wallpaper. You can use .JPG and .BMP files in this
method.
e.g. if your wallpaper exists in "E:\Wallpapers\Wall1.JPG", then set the same path as value of
"Wallpaper".
5. You can also set the wallpaper style e.g. Centered, Tiled or Stretched. Create a new STRING
value WallpaperStyle and set its value to as following:
0 (Centered)
1 (Tiled)
2 (Stretched)
6. That's it. Now restart or log off your system and no one will be able to change the wallpaper.
PS: If you also want to disable the "Desktop" tab in Desktop Properties, then you can visit following
tutorial:
We can also enable the group policy options like enable desktop wall paper and enable active
desktop in group policy
In case if this is not properly working for the OU where we apply this also try with the following
registry key
Based on our test, it seems the Registry key [HKEY_CURRENT_USER\Control
Panel\Desktop\WallPaper] is missing and caused this problem. To work around this issue, pleasecreate a String Value [HKEY_CURRENT_USER\Control Panel\Desktop\WallPaper] on client and try
to set wallpaper.
We can use Group Policy Preference->Registry to deploy this Registry key or use user logon script
to deploy this Registry key.
11)how we will enable auditing for a set of users login to domain and where we will do that?
Windows & Active Directory Auditing
If you are like most administrators, you want to know who is logging on, to which computer, and
accessing resources on your servers. For your Windows computers and Active Directory
environment, you have options to help you determine what you want to know.
If you fall into the category of a highly-secure environment, where you need to track access to some
or all of the resources on the network, you also have options to help you track the access to the
resources. The feature in Windows that provides this tracking and logging of who is accessing which
resource from computers on the network is called auditing. There are numerous auditing options and
configurations that you can choose from. We will take a look at each option and go over what each
option can provide for you.
-
8/3/2019 IBM Q & Ans
11/24
-
8/3/2019 IBM Q & Ans
12/24
from, or making a network connection to the computer configured to audit logon events. A good
example of when these events are logged is when a user logs on interactively to their workstation
using a domain user account. This will generate an event on the workstation, but not on the domain
controller that performed the authentication. In essence, logon events are tracked where the logon
attempt occurs, not where the user account resides. This setting is not enabled for any operating
system, except for Windows Server 2003 domain controllers, which is configured to audit success of
these events. It is common and best practice to log these events on all computers on the network.Audit object access This will audit each event when a user accesses an object. Objects include
files, folders, printers, Registry keys, and Active Directory objects. In reality, any object that has an
SACL will be included in this form of auditing. Like the Auditing of directory access, each object has
its own unique SACL, allowing for targeted auditing of individual objects. There are no objects
configured to be audited by default, which means that enabling this setting will not produce any
logged information. Once this setting is established and a SACL for an object is configured, entries
will start to show up in the logs on access attempts to the object. It is not common to configure this
level of auditing until there is a specific need to track access to resources. In highly secure
environments, this level of auditing is usually enabled and numerous resources are configured to
audit access.
Audit policy change This will audit each event that is related to a change to one of the three
policy areas on a computer. These policy areas include:
User Rights Assignment
Audit Policies
Trust relationships
This setting is not enabled for any operating system, except for Windows Server 2003 domain
controllers, which is configured to audit success of these events. It is common and best practice to
configure this level of auditing for all computers on the network.
Audit privilege use This will audit each event that is related to a user performing a task that is
controlled by a user right. The list of user rights is rather extensive, as shown in Figure 3.
Figure 3: List of User Rights for a Windows computer
This level of auditing is not configured to track events for any operating system by default. It iscommon and a best practice to configure this level of auditing for all computers on the network.
Audit process tracking This will audit each event that is related to processes on the computer.
Examples would include program activation, process exit, handle duplication, and indirect object
access. This level of auditing produces an excessive number of events and is typically not
configured unless an application is being tracked for troubleshooting purposes.
Audit system events This will even audit an event that is related to a computer restarting or being
shut down. Events that are related to the system security and security log will also be tracked when
this auditing is enabled. This is a required audit configuration for a computer that needs to track not
only when events occur that need to be logged, but when the log itself is cleaned. This setting is not
enabled for any operating system, except for Windows Server 2003 domain controllers, which is
configured to audit success of these events. It is a best practice to configure this level of auditing for
all computers on the network.Success or Failure Auditing?
Each of these options provide two configuration settings: Success and/or Failure. These options are
essential to help you track the required information that is generated from a user performing a task.
Tasks are typically related to one of the following:
Permissions configured on the Access Control List of a resource
User Rights configured for a specific computer
Administrative privileges, typically granted through group membership
-
8/3/2019 IBM Q & Ans
13/24
If the user attempts to perform a task which they have not been granted permission for will result in a
failure to perform the task. For example, if a user attempts to change the time on their laptop, but
they are not in the local Administrators group, this will generate a failed attempt to Change the
System Time, which is a User Right granted directly to users or groups of users, including the
Administrators group.
The flip side of this is also true, where if a user attempts to perform a task which they have been
granted the appropriate permission, they will generate a success trigger for that task. A goodexample here might be a user that has been delegated permissions to modify the membership of a
group located in Active Directory.
As you can see, depending on what you want to track, success or failure, will need to be setup when
you enable the specific auditing setting.
Conclusion
With so many options for tracking events in a Windows environment, it is important to understand
what each option provides through the security log of the event viewer. It is also important to know
and recognize the default settings, which are not always set to properly track events for your
important member servers. Finally, you were provided with some best practice recommendations for
these settings, which you should decide if your environment should accept the same settings.
12)how the policy are applied in ADthe levels?
GPO Priorities
Local GPOs are applied in the following order, with later policies overriding conflicting settings in
earlier policies:
1. local computer policy;
2. administrators and non-administrators policies;
3. user-specific policies.
For example, if you set the desktop to blue in the local computer policy but set it to red in the
administrators policy, it will appear red when an administrator logs on. If you set the desktop to
green in the user-specific policy, that setting would override all other local GPOs.
If the computer is a member of an Active Directory domain, domain GPOs always override
conflicting settings in local GPOs. If you want to completely disable local GPOs, enable the followingsetting in a domain GPO:
computer configuration\administrative templates\system\group policy\turn off local group policy
objects processing
With Group Policy objects, you can change hundreds of default settings in Microsoft Windows
from color schemes to desktop security and create a complex hierarchy of GPOs to configure
settings based on the user and the computers location, organization and purpose in Active Directory
environments.
Heres how to define, edit and prioritize multiple local GPOs.
First, not all computers can join a domain. For example, public computers (such as a kiosk in a
library) are frequently attacked and could put the entire domain at risk. Windows XP and earlier
versions of Windows had a single local GPO that applied settings to the client computer and allusers that logged on to the computer. Therefore, if you needed to lock down the desktop
environment to prevent guests from opening the Start menu, you also made it impossible to manage
the computer when logged on as an administrator.
Windows Vista now supports multiple local Group Policy objects (MLGPOs) so that you can apply
different settings to administrators, non-administrators and specific users.
MLGPO Types
Windows Vista supports the following local GPOs:
-
8/3/2019 IBM Q & Ans
14/24
Local Computer Policy: Just like earlier versions of Windows, Vista supports local computer policy
that always applies, regardless of which user is logged on. This policy contains both the Computer
Configuration and User Configuration nodes. All other local GPOs contain only the User
Configuration node.
Administrators Policy: Settings configured in this policy apply only to users who are members of the
local Administrators group.
Non-administrators Policy: Settings apply to all users who are not members of the localAdministrators group.
User-Specific Policies: You can configure GPOs that apply to only a specific user account.
Any user who logs on will have, at most, three local GPOs: the local computer policy, a user-specific
policy, and either the administrators or non-administrators policy. Oddly, you cannot create local
GPOs that apply to local groups, such as backup operators or guests.
Troubleshooting Local GPOs
You can troubleshoot problems with local GPOs using most of the same tools you use for Active
Directory GPOs, including:
Resultant Set of Policy: A Microsoft Management Console snap-in that analyzes all Group Policy
settings, displays the effective settings, and allows you to isolate the Group Policy objects that define
any setting.
GPResult: A command-line tool that provides a list of active GPOs, including both domain and local
GPOs, among other useful information.
Event Viewer: Vista adds an event to the System Event Log when policies are applied, and stores
detailed processing information in the applications and service logs\microsoft\windows\group
policy\operational event log. The Operational Event Log replaces the userenv.log file used in earlier
versions of Windows.
Group Policy Log View: A tool that exports Group Policy event data into a text file. You can
download GPLogView at go.microsoft.com/fwlink/?LinkId=75004.
13)what are the difference between windows 2003 and windows 2008?
2008 is combination of vista and windows 2003r2. Some new services are introduced in it
1. RODC one new domain controller introduced in it
[Read-only Domain controllers.]2. WDS (windows deployment services) instead of RIS in 2003 server
3. shadow copy for each and every folders
4.boot sequence is changed
5.installation is 32 bit where as 2003 it is 16 as well as 32 bit, thats why installation of 2008 is faster
6.services are known as role in it
7. Group policy editor is a separate option in ads
2) The main difference between 2003 and 2008 is Virtualization, management.
2008 has more inbuilt components and updated third party drivers Microsoft introduces new feature
with 2k8 that is Hyper-V Windows Server 2008 introduces Hyper-V (V for Virtualization) but only on
64bit versions. More and more companies are seeing this as a way of reducing hardware costs by
running several 'virtual' servers on one physical machine. If you like this exciting technology, makesure that you buy an edition of Windows Server 2008 that includes Hyper-V, then launch the Server
Manger, add Roles.
3) In Windows Server 2008, Microsoft is introducing new features and technologies, some of which
were not available in Windows Server 2003 with Service Pack 1 (SP1), that will help to reduce the
power consumption of server and client operating systems, minimize environmental byproducts, and
increase server efficiency.
-
8/3/2019 IBM Q & Ans
15/24
Microsoft Windows Server 2008 has been designed with energy efficiency in mind, to provide
customers with ready and convenient access to a number of new power-saving features. It includes
updated support for Advanced Configuration and Power Interface (ACPI) processor power
management (PPM) features, including support for processor performance states (P-states) and
processor idle sleep states on multiprocessor systems. These features simplify power management
in Windows Server 2008 (WS08) and can be managed easily across servers and clients using
Group Policies.
14)how the change management is done in our work?
Change Management
Change Management aims to ensure that standardised methods and procedures are used for
efficient handling of all changes,
Main article: Change Management (ITSM)
A change is an event that results in a new status of one or more configuration items (CI's)[citation
needed] approved by management, cost effective, enhances business process changes (fixes) - with
a minimum risk to IT infrastructure.
The main aims of Change Management include:
Minimal disruption of services
Reduction in back-out activities
Economic utilization of resources involved in the change
[edit] Change Management Terminology
Change: the addition, modification or removal of CIs
Change Request (CR): form used to record details of a request for a change and is sent as an
input to Change Management by the Change Requestor
Forward Schedule of Changes (FSC): schedule that contains details of all forthcoming Changes..
Management details with practical details
The Service Desk
Practical Case
As an essential step in implementing the ITIL methodology in the company, the management of
"Cater Matters" decided to set up a service desk centralising all the IT organisation's contacts withcustomers and suppliers.
To do so, the following decisions were made:
A manager was appointed to be in charge of the Service Desk.
After a careful analysis of the needs of the organisation and users, the main functions of the
service desk were defined:
o Managing the first line of support for Incident Management.
o Monitoring the quality of service offered with respect to the SLAs.
o Providing sales-related information about the services offered.
o Conducting regular surveys on the level of customer satisfaction.
o Drawing up periodic reports with the information gathered.
Running a small promotion to present the new services to existing and potential customers.
Setting web space so as to channel user interaction through the web as much as possible, bymeans of:
o Forms for queries and reporting incidents.
o Remote querying (by means of the associated web services) of the state of active incidents,
incident history and compliance with SLAs.
o Up-to-date FAQs allowing users to run their own queries on the services provided, known errors,
etc.
Drawing up a "Customer Care Manual" describing the different protocols for interaction with users,
-
8/3/2019 IBM Q & Ans
16/24
depending on the situation in question.
Choosing a software tool to help record and manage all the Service Desk's information flows.
Giving specific training:
o To staff responsible for dealing directly with users and customers on applying the "Customer Care
Manual".
o On the software tools used.
Creating a detailed plan for the progressive implementation of the Service DeskIncident Management
Practical Case
The "Cater Matters" Service Desk has just received a call from the person in charge of supplies at
one of its customer's canteens.
He says that although he had ordered a new batch of ice-creams a few days ago over the web, they
had not yet arrived and the stock in the fridge was running low.
The Service Desk operator looks in the orders database and confirms that the order was made
several days ago, but he also notices that it was incorrectly stored.
He tries to repeat the order on his computer, but the system continues to malfunction.
Following the established protocols, the operator then takes the following decisions:
He evaluates its priority: although the impact is low, the incident is urgent as the customer needs
the delivery urgently.
He logs the details of the incident.
He consults the Knowledge Base to investigate whether the incident is the result of a known error,
and if there are any possible work-arounds.
A temporary solution is proposed to the customer: he is pointed in the direction of a reserved area
of the website where he can place "urgent" orders by email.
He contacts the systems department to warn that the incident may be repeated throughout the
morning.
Using the application that monitors warehouse stock, he checks the availability of the ice-creams
ordered.
He reassures the customer that he will receive the ice-creams before midday via the company's
express service.Meanwhile, the systems department:
Runs a series of tests and confirms that, in general, the system is functioning correctly.
Are unable to identify the cause of the incident.
They contact Service Desk and suggest that the problem be forwarded to Problem Management
with a preliminary classification of low priority.
Service Desk receives the information and decides that:
Given the low impact of the incident and the fact that the customer has been given a satisfactory
work-around, it does not need to be escalated.
They log the work-around for the incident together with the information provided by the systems
department.
The incident is closed.
Problem ManagementPractical Case
The Service Desk of "Cater Matters" has informed Problem Management about an incident which
could not be associated with a known error and which caused a low impact interruption to service.
Problem Management decided to analyse the problem following the established protocol, which is
based on the Kepner-Tregoe method:
Identifying the problem.
Classifying of the problem.
-
8/3/2019 IBM Q & Ans
17/24
Establishing the possible causes.
Checking the most likely cause.
Confirming the actual cause.
Identification: In the case with which we are concerned, the problem is easy to define:
The online orders application produces unpredictable errors when recording certain orders. There
is no apparent relationship between the error and other hardware/software components.
Classification: The problem may be classified according to the following parameters: Identification: Problems recording orders.
Source: Online orders module.
Frequency: the problem is not recurrent, this is the first time it has been detected.
Impact: slight. The incident was resolved without a serious interruption to service.
Possible causes: The most likely causes include:
Errors in programming on the client side of the application.
Errors in the web server recording modules.
Database configuration errors.
The analysts decide that the most likely origin of the problem is in the application's recording
modules.
Checking the most likely cause: with the help of the information recorded by Incident Management:
Problem management tries to reproduce the problem.
They find that the error is only reproduced with a particular brand of ice-cream.
They notice that the brand of ice-cream has an apostrophe in its name and that if this is removed
the order is recorded without problems.
Verification:
A test environment is set up reproducing the module of interest on the live environment.
The necessary programming changes are made.
They confirm that the order is recorded correctly.
The problem has been converted into a known error. It is now the task of Error Control to:
Raise an RFC with the proposed solution.
Carry out the post-implementation review if Change Management considers it appropriate to
implement the RFC.Configuration Management
Practical Case
Although configuration management is vitally important, it can easily turn into a devourer of
resources if excessively ambitious criteria are laid down. Therefore, the management of "Cater
Matters" initially decided to limit the scope of the configuration database to the systems it felt to be
critical:
LAN servers.
Internet servers.
Service Centre computing infrastructure.
SLAs
To simplify management yet further, they decided to harmonise their configurations in a series of
"reference configurations" applicable to the CIs described above.Although this was a significant initial investment, it was felt that its had clear advantages:
Medium-to-long term reduction in the associated costs.
Improving the consistency of the services delivered.
Simplification of all the processes associated with service support: Incidents, problems, changes,
versions, etc.
Opting for a series of standard configurations allows a high level of detail to be achieved without the
effort involved's being excessive. The following items were therefore entered on the database:
-
8/3/2019 IBM Q & Ans
18/24
Software configurations:
o Operating Systems:
o Installed applications.
o Interdependencies: parent-child relationships, owners, etc.
o Associated documentation.
Hardware configurations:
o Servers and work stations.o Sub-components, with their interrelations: parent-child relationships, interdependencies, etc.
o Associated documentation and controllers.
Associated SLAs and monitoring reports.
At the same time, management tools were installed to allow all these configurations to be monitored
remotely and periodic automatic audits to be carried out.
Change Management
Practical Case
The customers and suppliers of "Cater Matters" are making increasing use of the company's online
services to manage ordering and the supply chain.
Although it basically meets the needs of the business, the currently implemented system was not
designed to support a high level of activity. Both Availability Management and Capacity Management
have reported inadequacies in the process and the risk of future bottlenecks if the current rate of
growth continues.
Moreover, the company's management has decided to bolster its online presence and offer
customers higher levels of service in order to build its market share.
This all requires a substantial change in both the hardware and software driving the company's
online services, and the connection with the organisation's internal management software (ERP).
The company's management therefore raised an RFC and submitted it to Change Management. The
objectives of the RFC were:
To increase the capacity of the company's web servers in order to enhance connectivity and
response capacity.
To develop a series of WebServices permitting:
o Direct integration of the online ordering system with the company's ERP system.o Tracking of the whole ordering process.
o Management of the whole supply chain remotely in conjunction with suppliers.
To redesign the website to enhance usability and optimise it for search engine indexing.
After recording the RFC:
The request is given the "accepted" status and provisionally assigned normal priority and high
impact.
A meeting of the CAB is called, and the people in charge of e-commerce and web programming
are asked to attend.
A preliminary evaluation of the project is requested from the outside consultant who supervised the
whole implementation process for the current system.
Prior to the CAB's meeting the Change Manager, in close coordination with Capacity, Availability,
Financial and Service Level Management, and top management and project management, prepares: An initial evaluation of the costs and necessary resources.
An evaluation of the impact of the changes on the IT infrastructure.
A preliminary Gantt chart of the process.
A survey so that the Service Desk can sound out customers' opinions about the possible changes.
After weighing up the documentation submitted and the organisation's business strategy, the CAB
approves the change, and:
Finalises the schedule for the change.
-
8/3/2019 IBM Q & Ans
19/24
Assigns the internal and external resources needed.
Develops a plan allowing for the temporary coexistence of both online systems to ensure continuity
of service. This will involve:
o Duplication of the whole web structure: new servers will be bought so that the old ones can
continue providing continuous service and are immediately available for a possible back-out.
o "Translation" applications will be developed so as to enable the old databases to be kept up-to-
date in order to avoid the loss of data in the event of a back-out. Configuration Management is informed about all the CIs affected by the change.
The same consultancy that implemented the current system is asked to perform an external audit
on the whole process.
All the information necessary for Version Management to be able to start the testing and
implementation process is prepared.
After the change is implemented, in conjunction with "Service Support" and "Service Delivery",
Change Management:
Confirms the change is successful:
o The new system has sufficient capacity to provide the envisaged levels of service and availability.
o The new system works without apparent errors.
o Customers and suppliers perceive the change as an improvement in service delivery.
o Productivity has improved.
A check is made to ensure everything has been recorded in the CMDB correctly.
The process is evaluated.
The change is closed.
Release Management
Practical Case
Change Management has approved (see the practical case in the previous chapter) an RFC having
as its main objectives:
Increasing the capacity of the company's web servers in order to enhance connectivity and
response capacity.
Developing a series of WebServices permitting:
o Direct integration of the online ordering system with the company's ERP system.o Tracking the ordering process from end to end.
o Remotely managing the whole supply chain jointly with suppliers.
Redesigning the website to enhance usability and optimise it for search engine indexing.
Release Management is in charge of the process of developing, buying, testing and distributing the
new versions of hardware and software concerned. For this purpose:
The new hardware needs are assessed in collaboration with Capacity Management and Availability
Management and the hardware is bought and configured.
They contact their usual web development suppliers to define the specifications of the new
software precisely and to draw up a schedule for development.
The web structure is duplicated, i.e. new servers are bought so that the old ones can continue
providing continuous service and are immediately available for a possible back-out.
Translation scripts are written allowing the new data to be saved on the old version to avoid databeing lost in the event of a back-out.
A schedule is set for testing by real users so they can give their approval to the new service.
A two-stage deployment is planned:
I. The whole web structure, excluding the data, is incorporated directly onto the company's ERP.
II. The process is completed with the integration of web orders using WebServices on the ERP.
A user manual is written describing the new release and a FAQ page is created on the web that
includes the queries users raised most frequently during the testing phase.
-
8/3/2019 IBM Q & Ans
20/24
Users are informed about the new release and warned of possible short interruptions to service
during installation.
The new release is installed.
A master copy of all the software is stored in the DSL.
The CMDB is updated.
Service Level Management
Practical CaseThe management of "Cater Matters" has decided to implement Service Level Management adapting
the ITIL principles and recommendations to the needs of its organisation.
To carry out this task as efficiently as possible, a series of initial actions have been defined. These
are basically:
Appointing someone to manage the process.
Drawing up a catalogue of services.
Developing a comprehensive service quality plan.
Defining templates from which to create SLAs associated with the main services.
Service Level Manager
The management has appointed one of its more experienced executives accustomed to dealing with
customer relations to take the role of Service Level Manager.
His main function is to negotiate and agree on service delivery with customers, as the representative
of "Cater Matters".
His specific responsibilities include:
Preparing and maintaining an up-to-date catalogue of the services offered by "Cater Matters".
Determining the general structure of the SLAs, OLAs and UCs.
Negotiating SLAs, OLAs and UCs with customers and suppliers
Supervising fulfillment of the service delivery agreements with customers and suppliers.
Keeping the top management and IT organisation informed about the performance of the process.
Defining the service improvement plans resolving deficiencies in the quality of the services
delivered and/or adapting these services to new customer needs and the latest technological
advances.
Interacting with other IT processes to ensure that they all receive and contribution the necessaryinformation for the optimal functioning of the organisation.
Drawing up the Service Catalogue
"Cater Matters" decided to subdivide its service catalogue according to the different types of
customer contracting its services.
Private individuals.
Small businesses.
Large corporations and institutions and public bodies.
The purpose of the catalogue is not just to publicise the various services but also to show (potential)
customers clearly what the differences are between the options available on top of the basic service.
To do this, an online catalogue is developed allowing different versions to be compared and giving
an initial estimate of costs based on the different options selected.
The description of each service includes additional information about: Delivery times.
Availability of the service (holidays, night hours, etc.)
Auxiliary services.
Associated WebServices.
Applicable legislation.
Loyalty programmes.
Online support.
-
8/3/2019 IBM Q & Ans
21/24
Service Quality Plan
To ensure the quality of the service a SQP is developed, which defines:
The responsibility of each of the departments in the service delivery process.
Contingency plans in the event of serious deterioration of the quality of service.
Key indicators of performance and customer satisfaction.
Methods of supervision and real-time monitoring of the processes involved in delivering the service,
such as, for example, deliveries and supplying the goods. Protocols for the Service Desk's interaction with customers and users.
The levels of security, availability, capacity and redundancy necessary to ensure the correct
provision of the service in cooperation with the people in charge of these processes.
Prototype SLAs
In order to avoid the task of preparing SLAs becoming too complex and tedious, templates are
drawn up for different types of service and customer.
Each prototype SLA includes:
General, non-technical description of the services agreed.
People responsible for the agreement on both the customer's and the supplier's side.
Deadlines for delivery of the service.
Duration of the agreement and conditions for its renewal and/or cancellation.
Conditions of availability of the service.
Support and maintenance work associated.
Response times.
Recovery times in the event of incidents.
Contingency plans if applicable.
Charging and collection methods.
Criteria for evaluating the quality of the service.
IT Service Financial Management
Practical Case
The "Cater Matters" IT organisation has for several years been providing essential services both for
the organisation of the company and for external customers of its catering services.
However, to date, IT spending has not been registered on the accounts and budgeted specifically,and with the data currently available, it is impossible to know what impact IT services have on the
cost of each of the catering services provided.
The management of "Cater Matters" wants to develop a pricing policy for IT services that allows it to
pass on its costs to end users of the company's catering service, in the same way that it passes on
the cost of transport, raw materials, etc.
A senior manager from the IT department and a member of the company's finance department have
been appointed to manage this process.
The work plan for the near term includes:
In collaboration with Configuration Management, drawing up a list of all the CIs involved in
providing direct services to customers.
Evaluate the costs associated with their use, and sharing them out among the different services if
necessary, on a pro rata basis: depreciation, maintenance, consumables, etc. Evaluating the cost of staff and operating costs.
Estimating costs associated with IT services that are hidden or difficult to assign.
Evaluating indirect costs: installations, administrative costs, etc.
Establishing strict accounting criteria for the administration of IT costs.
Establishing a cost+margin pricing policy.
All these activities aim to define precisely the costs associated with the IT services already being
delivered and to propose rates that can be passed on to customers, either directly or as a part of
-
8/3/2019 IBM Q & Ans
22/24
general items.
However, the objectives of proactiveFinancial Management go further, and include the proper
planning of future expenses and investments. For this purpose, in collaboration with Service Level
Management, Capacity Management and Availability Management, the following points have been
studied:
Customer requirements and market trends.
The impact on costs and Service Improvement Programmes (SIP). Forecasts and future IT capacity needs.
The information compiled will be used as the basis for the preparation of the first "annual IT budgets"
prepared by Financial Management.
Capacity Management
Practical Case
Up until now, Capacity Management at "Cater Matters" has been reactive, or in other words,
capacity was increased or redistributed only when problems appeared.
With the increasing importance of IT services, both for the internal organisation of "Cater Matters"
and for its customers, the management has decided to implement ITIL best practice for Capacity
Management.
They have therefore appointed a Capacity Manager with the following main responsibilities:
Monitoring the performance of the IT infrastructure, paying special attention to online services, as
these are particularly important in providing a good service to customers.
Analysing, in conjunction with Configuration Management, the impact of the various CIs on the
system's capacity.
Evaluating, in conjunction with Service Level Management, the process, storage and bandwidth
loads the current and envisaged SLAs imply.
Evaluating, in conjunction with Financial Management, the real cost of each service.
Producing regular reports on the state of the relevant technology available for the services offered.
Analysing trends and statistics on the use and load on the system.
The results of this work should allow:
The preparation of an annual Capacity Plan which will be reviewed quarterly against the real data
obtained from monitoring of the system, together with the business forecasts. The Capacity Database (CDB) to be populated so that it contains all the information relating to
capacity.
Improvements to the service to be proposed.
With the aim of:
Minimising the number and impact of future incidents degrading the quality of service.
Rationalising the use of IT infrastructure capacity.
Reducing the cost of the IT infrastructure.
Increasing productivity and customer satisfaction.
IT Service Continuity Management
Practical Case
The IT organisation of "Cater Matters" currently lacks any IT Service Continuity Management worthy
of the name.The management of "Cater Matters" is aware of the importance that IT services have today for its
production and distribution and aims to rectify this situation.
The company's management considers that the IT services associated with stock management,
given that the stock consists of perishable products, and online ordering, are those of greatest
strategic importance. In the first instance they therefore decide that the ITSCM should guarantee the
continuity of these services within not more than 8 hours. Less ambitious targets are set for other
services.
-
8/3/2019 IBM Q & Ans
23/24
A senior executive from the IT department is given the role of managing the process and charged
with coordinating all the activities involved with Business Continuity Management.
Business Continuity Management has signed cooperation agreements with other catering
companies for emergency supplies to cover the company's most important customers:
Catering services for schools and hospitals.
Conferences and other large events.
In these cases, coordination requires the development of special modules allowing order databasesto be exported in standard data exchange formats so they can be processed by the other
organisation.
Additionally, an emergency stock management application has been developed to allow supplier
orders to be handled and ensure the integrity of existing stock is maintained, according to its expiry
information and the impact of the business interruption on the stock.
The following are also established:
A regular calendar of trials of the recovery plans.
A calendar of training courses on action protocols in emergency situations.
However, IT Service Continuity Management not only has to apply reactive measures to mitigate the
impact of a possible interruption to service. Its obligations also include the drafting of prevention
plans to avoid these situations arising.
To avoid interruptions to its online services the ITSCM:
Contracts collocation web hosting services with a provider that has connections through various
operators to the Internet backbone and can ensure an uninterrupted power supply.
Replicates critical systems at different geographical locations.
Supervises the policy of back-ups of the data servers.
Installs perimeter protection systems.
Availability Management
Practical Case
Availability 12/7 is a feature on which the customers of "Cater Matters" place great importance.
IT services play a small, although important, part in the services the organisation provides to its
customers and availability problems usually arise from processes that are not directly technology
related. However, an interruption to online services can represent a serious problem given the largevolume of orders received via this channel (almost all orders), and its importance for managing
stocks of raw materials.
Availability Management, in collaboration with the people responsible for the other IT processes has
been charged with drawing up new availability plans that take the rapid growth of the business into
account, which may entail 24/7 availability being needed for certain business lines.
Drawing up this new plan requires:
Revision of the UCs in effect with Internet service providers.
Definition of levels of availability for the new services.
Design for 24/7 availability of the IT services offered.
New management plans for maintenance requiring real interruptions to service.
Moreover, the management of "Cater Matters" has decided to regularly inform customers about the
levels of performance and availability of the various different services provided. To do so they havecharged Availability Management with implementing the procedures necessary to measure:
The time between incidents.
The time the service is down.
The time taken to respond to each incident.
The delay in service delivery.
This will be complemented by a module automatically performing statistical calculations and
generating reports on compliance with the levels of availability agreed with each customer.
-
8/3/2019 IBM Q & Ans
24/24
In this way, "Cater Matters" hopes to build a relationship of trust with its customers and keep the IT
organisation alert to any possible degradation of the level of quality of service.
Security Management
Practical Case
The management of "Cater Matters" is aware that an approach to security based solely on the
concept of "defending against attacks" does not meet the needs of the business.
It is important that customers of "Cater Matters" have up-to-date information about their orders,outstanding payments, etc. and this requires interaction with the company's ERP.
Clearly, this raises a number of additional security problems, as channels to the outside have to be
opened up from within the organisation's IT core.
The management of "Cater Matters" has decided to create a series of Web Services allowing access
to this information while preserving its confidentiality and integrity. This requires a review of the
Security Plan and the security sections of the SLAs in force.
As basic security measures:
The range of IPs which the service is able to access is limited. The service is only available from
authorised customer IP addresses.
Encryption protocols are implemented for the XML files exchanged.
Authentication is required in order to access the service.
Interaction with the application is monitored to detect possible outside attacks.
A log is kept of when, how and by whom the service is used.
A single input channel is authorised for the local services through the company's web servers.
A periodic evaluation of the service is proposed in order to detect vulnerabilities and adopt corrective
measures.
The objective is to offer a quality service with high levels of security so as to build customer loyalty at
a time or rapid development when the competition is just a click away.