Networking


networking interview questions and answers


Nslookup: This command helps diagnose the Domain Name System (DNS) infrastructure and comes with a number of sub-commands. It is used to find the computer name corresponding to a numeric IP.

NetStat: Netstat displays the active TCP connections and the ports on which the computer is listening, Ethernet statistics, the IP routing table, and statistics for the IP, ICMP, TCP, and UDP protocols. One use for Netstat is to determine whether spyware or Trojans have established connections that you do not know about. The command "netstat -a" will display all your connections.

PING: Packet internet GOPHER. Ping is the most important troubleshooting command and checks the connectivity with other computers.

IPCONFIG: IPconfig is another important command in Windows. It shows the IP address of the computer, and it shows the DNS, DHCP and gateway addresses, the network and the subnet mask.

NSLOOKUP: Using this command we can rectify DNS-related issues.

NETSTAT: The NETSTAT utility shows protocol statistics and the current established TCP/IP connections to the computer.

NBTSTAT: NBTSTAT helps to resolve NetBIOS name resolution problems.

ARP: ARP displays and modifies the IP-to-physical address translation table that is used by the ARP protocol.

FINGER: The Finger command is used to retrieve information about a user on a network.

TRACERT: It helps the user figure out the exact location along the route where the problem has occurred.

PATHPING: The PATHPING command is similar to the TRACERT command. Besides executing the task performed by TRACERT, the PATHPING command also provides information about data loss between the source computer and the destination computer.

TRACE ROUTE: Trace route is a very useful network debugging command. It is used to find the server that slows down transmission on the Internet, and it also shows the distance between the two systems.

ROUTE: With the Route command, you can manually make entries in the routing table.
Hopefully, the above commands will help you diagnose and troubleshoot computer networking problems.

Important PORT numbers?
20 - FTP Data
21 - FTP Control
23 - Telnet
25 - SMTP
53 - DNS
69 - TFTP
80 - HTTP/WWW
109 - POP2
110 - POP3
123/UDP - NTP
137 - NetBIOS
443 - HTTPS
546 - DHCPv6 client
547 - DHCPv6 server
88 - Kerberos
161 - SNMP
389 - LDAP (Lightweight Directory Access Protocol)
3268 - AD Global Catalog
3269 - AD Global Catalog over SSL
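The netstat check described above (looking for listeners and connections you do not know about) can be scripted. The following is an added example, not part of the original transcript: it parses Windows `netstat -ano` output (the -n and -o switches, numeric addresses and owning PID, go beyond the "netstat -a" named above) and labels sockets using a subset of the port list. The sample output, the baseline set and all function names are constructed for illustration.

```python
from typing import NamedTuple, Optional

# Subset of the port list above, used to recognise expected remote services.
KNOWN_PORTS = {21: "FTP Control", 23: "Telnet", 25: "SMTP", 53: "DNS",
               80: "HTTP", 88: "Kerberos", 123: "NTP", 137: "NetBIOS",
               389: "LDAP", 443: "HTTPS"}

# Constructed sample of `netstat -ano` output (documentation address ranges).
SAMPLE = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:80             0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       968
  TCP    0.0.0.0:8899           0.0.0.0:0              LISTENING       5120
  TCP    192.168.1.20:49712     203.0.113.45:443       ESTABLISHED     2304
  TCP    192.168.1.20:49730     198.51.100.7:8081      ESTABLISHED     5120
  TCP    127.0.0.1:49800        127.0.0.1:49801        ESTABLISHED     2304
  TCP    [::]:445               [::]:0                 LISTENING       4
  UDP    0.0.0.0:123            *:*                                    1204
"""

class Sock(NamedTuple):
    proto: str
    local_port: Optional[int]
    remote_addr: str
    remote_port: Optional[int]
    state: str   # empty for UDP rows, which have no State column
    pid: int

def split_endpoint(endpoint):
    """Split 'addr:port' (IPv4, '[v6]:port' or '*:*') at the last colon."""
    addr, _, port = endpoint.rpartition(":")
    return addr, int(port) if port.isdigit() else None

def parse_netstat(text):
    socks = []
    for line in text.splitlines():
        f = line.split()
        if len(f) < 4 or f[0] not in ("TCP", "UDP"):
            continue  # banner, column header and blank lines
        _, lport = split_endpoint(f[1])
        raddr, rport = split_endpoint(f[2])
        state = f[3] if len(f) == 5 else ""
        socks.append(Sock(f[0], lport, raddr, rport, state, int(f[-1])))
    return socks

def unexpected_listeners(socks, baseline):
    """Listening TCP / bound UDP sockets whose port is not in the expected set."""
    return [s for s in socks
            if s.state in ("LISTENING", "") and s.local_port not in baseline]

def unknown_outbound(socks):
    """Established non-loopback connections to a port missing from KNOWN_PORTS."""
    return [s for s in socks
            if s.state == "ESTABLISHED"
            and not s.remote_addr.startswith(("127.", "[::1]"))
            and s.remote_port not in KNOWN_PORTS]

if __name__ == "__main__":
    conns = parse_netstat(SAMPLE)
    for s in unexpected_listeners(conns, baseline={80, 123, 135, 445}):
        print(f"unexpected listener {s.proto}/{s.local_port} pid={s.pid}")
    for s in unknown_outbound(conns):
        print(f"review {s.remote_addr}:{s.remote_port} pid={s.pid}")
```

A flagged row is a prompt to look up the owning PID, not proof of compromise; the baseline has to come from what the host is actually supposed to run.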

What are the causes if the server suddenly reboots?
1) Either hardware issues or software issues.
2) Faulty memory. (We can test memory with a Microsoft tool.)
3) Faulty power supply.
4) Due to a virus.
5) Hardware drives corrupted.
6) CPU overheating.
7) Outdated/corrupt drivers installed.
8) After system changes.

What are the causes for server performance problems?
1) Hard disk usage problems.
2) CPU/memory related issues.
3) Server temperature and power.
4) Network interface bottlenecks.
5) Virtualization management troubles.

How to improve server performance?
6) Use a dedicated drive for the page file.
7) Keep your hard disks defragmented.
8) Use the NTFS file system.
9) Avoid running 16-bit applications.
10) Look for memory leaks.
11) Remove seldom-used utilities.
12) Disable unused services.
13) Log off.
14) Compress the hard disk.
15) Adjust the server response.

How to troubleshoot BSOD issues?
1) Read the message on the blue screen; most of the time it will display the file name or driver file name (*.sys file). Then log in in safe mode and uninstall the specified application.
2) If you are able to log in in normal mode, try to update the driver to the latest version.
3) Search the internet for a resolution using the error code displayed in the BSOD.
4) Analyze the dump file using WinDbg, which is the Microsoft debugging tool.

Types of memory dump files in Windows?
1) Complete memory dump file.
2) Kernel memory dump file.
3) Small memory dump file.

Complete memory dump file: This file contains all the data that was in physical memory at the time the system crashed.

Kernel memory dump file: It contains the information related to kernel mode read/write pages. This is the default setting for 2008 and Windows 7.

Small memory dump file: It only contains the STOP error code, device driver list, parameters and a small amount of other data. It should be readable from the system where it was created.

Default path for memory dump?
Complete Memory Dump: %systemroot%\MEMORY.DMP
Kernel memory dump: %systemroot%\MEMORY.DMP
Small Memory Dump: %systemroot%\Minidump

Booting process for Windows XP?
The boot process involves several steps:
1) POST is performed by the BIOS.
2) The BIOS reads the MBR, which is in the first sector of the hard drive. This is where Windows takes over the startup process.
3) The MBR reads the boot sector of the active partition; this sector contains the code that starts NTLDR (the bootstrap loader for XP).
4) NTLDR reads the BOOT.INI file and displays the boot menu. (NTLDR should be placed along with NTDETECT.COM, BOOT.INI, BOOTSECT.DOS and NTBOOTDD.SYS.)
5) NTLDR runs NTDETECT.COM to get information about installed hardware.
6) NTLDR uses the ARC path from the Boot.ini file to find the boot partition.
7) Then NTLDR loads two files, NTOSKRNL.EXE and HAL.DLL.
8) NTLDR reads the registry files, selects a hardware profile and loads the device drivers.
9) Then NTOSKRNL.EXE loads WINLOGON.EXE, which starts LSASS.EXE (Local Security Administration); this program displays the welcome screen and allows users to log on with their user name and password.

What are the bootable files for Windows XP?
The files that participate in the boot process are called the bootable files for Windows XP.

What are the features of TCP/IP?
It is routable, efficient and scalable. It supports open standards.

What is the IP address?
An IP address is the number associated with your computer. It is a 32-bit address assigned to a computer so that it can communicate with others in a network.

What is NTDS?
NT Directory Service.

Functions of the NTDSUTIL utility?
Manages and controls the FSMO roles.
Performs authoritative and non-authoritative restores of AD.
Database maintenance of Active Directory, including compaction and defragmentation.

1) What is the difference between static and dynamic routing?
-> Static routing is when you statically configure a router to send traffic for particular destinations in preconfigured directions.
-> Dynamic routing is when you use a routing protocol such as OSPF, ISIS, EIGRP, and/or BGP to figure out what paths traffic should take.

What is a NIC?
In computer networking, a NIC provides the hardware interface between a computer and a network.

What is a MAC Address?
The MAC (Media Access Control) address is your computer's unique hardware number. It is 48 bits in length.

When would you use a crosslink cable?
To connect like devices, such as computer to computer, switch to switch or hub to hub.

What are the main advantages and disadvantages of Fiber-Optic-based networks?
Advantages: Extremely high bandwidth, easy to accommodate increasing bandwidth, resistance to electromagnetic interference, early detection of cable damage and secure transmissions.
Disadvantages: Installation costs, while dropping, are still high; special test equipment is often required; susceptibility to physical damage; wildlife damage to fiber optic cables.

What is the difference between a Hub and a Switch?

HUB:

It is a network device. It simply forwards (broadcasts) the message or data to the other devices which are connected to the hub.

Hubs are of two types:

Active: Generates the signal before broadcasting.

Passive: It does not participate in the broadcasting.

SWITCH:

It is a network device.

Compared with a hub, rather than forwarding data to all the connected ports, a switch forwards data only to the port on which the destination system is connected. It looks at the Media Access Control (MAC) addresses of the devices connected to it to determine the correct port.

It increases performance of the network.

No Collisions.

BRIDGES:

Bridges are networking devices that connect networks. Sometimes it is necessary to divide networks into subnets to reduce the amount of traffic on each larger subnet or for security reasons. Once divided, the bridge connects the two subnets and manages the traffic flow between them. Today, network switches have largely replaced bridges.

On which OSI layer can a router be found?
Network Layer.

What is CSMA/CD?
If only one of the hosts on this network wanted to send data, there would be no problem. When two hosts would send at the same time, though, a collision would occur. When the signals would collide, both would be rendered unusable. A standard had to be created that would have the hosts follow rules relating to when they could send data and when they could not. This standard is Carrier Sense Multiple Access with Collision Detection, referred to as CSMA/CD.

If two of the three computers on this segment send data at the same time, a collision occurs.

To avoid this, CSMA/CD forces computers to listen to the Ethernet before sending in order to make sure that no other host on the wire is sending. When the Ethernet segment is not busy, the device that wants to send data can do so. The sender will then continue to listen, to make sure that sending the data didn't cause a collision.

If a collision is heard, both of the senders will send a jam signal over the Ethernet. This jam signal indicates to all other devices on the Ethernet segment that there has been a collision, and they should not send data onto the wire. (A second indication of a collision is the noise created by the collision itself.)

After sending the jam signal, each of the senders will wait a random amount of time before beginning the entire process over. The random time helps to ensure that the two devices don't transmit simultaneously again.

What is unicast, Broadcast and multicast?

Unicast: Unicast is the term used to describe communication where a piece of information is sent from one point to another point. In this case there is just one sender, and one receiver.

Broadcast: Broadcast is the term used to describe communication where a piece of information is sent from one point to all other points. In this case there is just one sender, but the information is sent to all connected receivers.

Multicast: Multicast is the term used to describe communication where a piece of information is sent from one or more points to a set of other points. In this case there may be one or more senders, and the information is distributed to a set of receivers (there may be no receivers, or any other number of receivers).

What is the difference between TCP and UDP?

TCP:

Transmission Control Protocol. Connection-oriented protocol. It follows the flow control method. We have acknowledgement.

UDP:

User Datagram Protocol. Connectionless protocol. It does not follow the flow control method. No acknowledgement.

Describe some of the settings that are added by TCP and by UDP to the packet's header.

What are TCP Ports? Name a few.

What is a TCP Session?
When you connect to another computer or device on a network or the Internet, a link between you and that machine must be created to be able to pass any data (files, email, web, anything really). That link is called a TCP session.

What three elements make up a socket?

What will happen if you leave the default gateway information empty while manually configuring TCP/IP?
The computer will not communicate with hosts outside its local network.

Difference between Routing and Routed Protocols?

Routed Protocols: A routed protocol is a Network Layer protocol that is used to move traffic between networks. Ex: IP, IPX and AppleTalk.

Routing Protocols: Routers use routing protocols to exchange information about the networks they are aware of. Ex: RIP, IGRP, OSPF etc.

What is the difference between static and dynamic routing?
-> Static routing: is when you statically configure a router to send traffic for particular destinations in preconfigured directions.
-> Dynamic routing: is when you use a routing protocol such as OSPF, ISIS, EIGRP, and/or BGP to figure out what paths traffic should take.

What are Routing Protocols Techniques?
Distance-Vector
Link-State
Hybrid

Distance-Vector:

This type of routing protocol requires that each router simply inform its neighbors of its routing table

Ex: RIP and IGRP.

IGRP: Interior gateway routing protocol

Developed by CISCO. It uses the Metric to determine the correct route for the traffic. Metric are sets of numbers based on the network delay, bandwidth, reliability, and load.

RIP: Routing information protocol

It sends the broadcasts of its routing table to neighboring devices. This protocol uses the metric but it always depends on hop count. RIP will route data based upon the lowest hop count regardless of bandwidth limitations.

Link-State:

These protocols are smarter than Distance-Vector. They maintain the total network topology by using LSAs (link state advertisements). Using this information, they determine the shortest path for forwarding the data.

OSPF: Open shortest path first

Standard protocol supported by high-end routers, OSPF is mostly used in large networks. It is commonly known as the "standard link state protocol." The main problem arises from LSA broadcasts that "flood" the network. Advanced DoS attacks can target internal routers using the OSPF protocol to constantly send requests to routers forcing them to consume large amounts of network bandwidth.

Hybrid:

These protocols use a combination of distance vector and link state properties to function. The idea of developing this type of protocol was to solve the problems encountered with the other two protocols.

EIGRP: Enhanced Interior Gateway protocol

Developed by Cisco, EIGRP uses distance vector and link state methods to determine the best path for routing data. It calculates the SPF, uses load balancing, and uses an altered form of LSA broadcasts. Broadcasts are conducted every 90 seconds or whenever the network topology changes

What is Packet?

A packet is the unit of data that is routed between an origin and a destination on the Internet or any other packet-switched network

What is ARP? How ARP works?

ARP: Address Resolution Protocol

In an Ethernet environment, ARP is used to map a MAC address to an IP address

ARP works:

Host 1 broadcasts an ARP request to all devices on subnet 1, composed by a query with the IP address of router 1. The IP address of router 1 is needed because host 2 is on a different subnet. All devices on subnet 1 compare their IP address with the enclosed IP address sent by host 1. Having the matching IP address, router 1 sends an ARP response, which includes its MAC address, to host 1. Host 1 proceeds with its intended transmission of IP packet to layer 3 DA (host 2) using router 1's MAC address. Router 1 forwards IP packet to host 2. Router 1 may send an ARP request to identify the MAC of host 2.

What is RARP?

RARP (Reverse Address Resolution Protocol) is a TCP/IP protocol that permits a physical address, such as an Ethernet address, to be translated into an IP address. Hosts such as diskless workstations often only know their hardware interface addresses, or MAC address, when booted but not their IP addresses. They must discover their IP addresses from an external source, usually a RARP server.

What will happen if you execute the following command: "arp -d *"?

What is ICMP?
ICMP: Internet Control Message Protocol. ICMP messages are used by routers, intermediary devices, or hosts to communicate updates or error information to other routers, intermediary devices, or hosts.

When would you use the ping command with the "-t" switch?
For continuous ping.

What command-line tool would help you discover for which port numbers your computer is listening?
netstat -a

What is APIPA? How would you recognize it?

What is a Cyclic Redundancy Check?
The cyclic redundancy check, or CRC, is a technique for detecting errors in digital data, but not for making corrections when errors are detected.

What would you type in at a command prompt to view the IP settings for the computer that you are sitting at?
IPConfig

What command would you type in at a command prompt to view the IP address of the remote computer?
Ping command

What is the W Value for class B?

What is the Net ID of an IP Address of 18.9.25.3 with Subnet Mask of 255.0.0.0?
18

What is CIDR?

What is 255.255.255.255 used for?
Broadcasting

What is the maximum number of hosts for a Class B Network?

What is the (default) class type of 195.152.12.1?

What is the subnet mask for 10.0.10.1/17?

What is the result when changing from a subnet mask of 255.255.224.0 to a subnet mask of 255.255.240.0?

How can you access a shared folder from a remote computer? Name at least 3 methods.

Switching methods in Data communication in Switches?
Switches use three methods to deal with data as it arrives:

Cut-through: In a cut-through configuration, the switch begins to forward the packet as soon as it is received. No error checking is performed on the packet, so the packet is moved through quickly. The downside of cut-through is that because the integrity of the packet is not checked, the switch can propagate errors.

Store-and-forward: In a store-and-forward configuration, the switch waits to receive the entire packet before beginning to forward it. It also performs basic error checking.

Fragment-free: Building on the speed advantages of cut-through switching, fragment-free switching works by reading only the part of the packet that enables it to identify fragments of a transmission.