Server Operating Systems and Server Roles Flashcards

1
Q

server roles (planning)

A
  • determine if multiple roles will be located on the same server or dispersed across multiple servers
  • cloud VMs can offer services to other cloud devices/internet consumers/on-premise devices
2
Q

configuring on-premise connections with VMs

A
  • site-to-site VPN connections
  • dedicated connections from on-premise networks to cloud provider networks (bypass internet)

3
Q

DHCP

A
  • dynamic host configuration protocol
  • delivers central IP settings to network nodes
  • can run on a server OS or as a service on a router
4
Q

DHCP port numbers

A
  • UDP 67 (listens for client requests)
  • UDP 68 (sends responses to client requests)

5
Q

DHCP scopes

A
  • IP settings grouped into a manageable unit
  • must be activated before they can be used in DHCP process
  • IP address ranges
  • IP address exclusions
  • IP address lease duration
  • default gateway
  • DNS servers
  • DHCP reservation
6
Q

DHCP vendor classes

A
  • apply specific IP settings to certain types of network devices
  • must determine what vendor class data is included in network transmission
7
Q

APIPA

A
  • automatic private IP addressing
  • client uses it to assign itself a unique address on the LAN when it can’t reach the DHCP server
  • client not able to communicate outside the LAN
  • can only communicate with other APIPA hosts within the LAN
8
Q

link-local address

A
  • used in IPv6
  • unique self-assigned address
  • always bound to network interface whether or not DHCP is reachable
9
Q

considerations for choosing DHCP configuration

A
  • determine which valid IP address ranges can be used
  • short lease duration in environments where clients connect for short periods of time
  • try to specify at least 2 default gateways for redundancy
  • try to specify at least 2 DNS servers for redundancy
  • configure DHCP bindings for correct network interface in multihomed (multiple network card) DHCP servers
  • high availability
10
Q

DNS

A
  • find IP address for FQDN (forward lookup)
  • find FQDN for IP address (reverse lookup)

11
Q

DNS port number

A

listens on port 53 (UDP/TCP)

12
Q

DNS domains

A
  • root domain at top
  • TLDs (.com/.org/.net/etc)
  • domains can have subdomains
  • subdomains may have their own authoritative DNS servers
13
Q

SOA (DNS RR)

A
  • start of authority
  • contains zone details i.e. serial number/refresh interval
  • can exist in forward and reverse lookup zones
14
Q

A (DNS RR)

A
  • forward lookup record
  • FQDN included in query
  • IPv4 address returned
15
Q

AAAA (DNS RR)

A
  • forward lookup record
  • FQDN included in query
  • IPv6 address returned
16
Q

CNAME (DNS RR)

A
  • canonical name record/alias record
  • additional name for an existing name
  • can be used in forward/reverse lookup zones
  • return FQDN that can be resolved via an A record
17
Q

MX (DNS RR)

A
  • mail exchanger
  • used for email domain suffixes to locate an SMTP mail server
  • return FQDN that can be resolved via an A record
18
Q

SRV (DNS RR)

A
  • service record
  • used to locate a network service i.e. AD
  • includes TCP/UDP port numbers for service
  • clients query DNS SRV records to locate services
19
Q

PTR (DNS RR)

A
  • pointer record (reverse DNS record)
  • created in reverse lookup zone
  • client queries include IP address
  • host/DNS domain name returned
  • each PTR record should have an associated A record
20
Q

WINS

A
  • Windows Internet Name Service
  • used in Microsoft TCP/IP networks prior to Windows 2000 to resolve NetBIOS computer names to IP addresses
  • replicated database of NetBIOS computer names and their IP addresses
  • no naming hierarchy
  • installed as a feature on Windows Server 2019 for backward compatibility
21
Q

DNS GlobalNames zone

A
  • client devices can point to a DNS server where a zone “GlobalNames” exists
  • alternative to WINS
  • DNS admins create CNAME records that point to A records
  • enables older software using flat computer names to function through DNS
22
Q

NTP

A

service running on network host to provide time synchronization

23
Q

NTP port number

A

listens on UDP 123

24
Q

stratum 0 (NTP)

A

time source/reference clock

25
Q

stratum 1 (NTP)

A

NTP server connected to stratum 0 device

26
Q

stratum 2 (NTP)

A

NTP server gets time over network from stratum 1 host

27
Q

directory services (DS)

A
  • centralized network database containing objects (users/groups/computers/network service locators/shared folders/shared printers/software licenses)
  • Microsoft AD DS
  • OpenLDAP
  • Oracle Directory Services
  • IBM Tivoli Directory Server
  • based on the same LDAP standards
28
Q

LDAP port numbers

A
  • listens on TCP 389 (plaintext)
  • listens on TCP 636 (encrypted)

29
Q

AD

A
  • Microsoft Active Directory
  • LDAP compliant
  • replicated network database
  • synchronized between DCs
  • group policy
  • Windows server role
  • installed via Server Manager or PowerShell cmdlets
30
Q

DC

A
  • domain controller
  • server configured to hold a replica of the AD database
  • C:\Windows\Ntds\Ntds.dit
  • discovered by clients via DNS queries
  • creation of DC creates DNS service location records
31
Q

web server

A
  • use HTTP/HTTPS to present content to web browser
  • Microsoft Internet Information Services (IIS)
  • Apache
  • NGINX
32
Q

web server ports

A
  • TCP 80 (HTTP)
  • TCP 443 (HTTPS)

33
Q

application server

A
  • serves data with a specific business purpose
  • often combination of web/database servers
  • Microsoft SQL Server
  • MySQL
  • Oracle Database
34
Q

file server

A
  • data stored on equipment owned/managed by the organization (legal reasons)
  • Windows servers use SMB to make shared folders available over the network
  • UNIX/Linux systems use their own network file system (NFS) but can use SMB via Samba
35
Q

print server

A
  • manages printers on a network
  • spool print jobs from clients using server disk space

36
Q

cloud printing

A
  • remove any printing dependencies i.e. OS versions/print drivers/printing devices/etc
  • can be used with mobile devices
37
Q

mail server

A
  • run as services (daemons)
  • enable connections on specific ports
  • need to support mobile device connections
38
Q

MDM tools

A
  • mobile device management
  • mobile device partitioning solutions for personal/work data
  • restrict file attachments from corporate messages from being stored on personal cloud storage locations
  • can run on-premise or in cloud
39
Q

SMTP

A
  • simple mail transfer protocol
  • port 25
  • used to transfer email between SMTP hosts
40
Q

POP

A
  • post-office protocol
  • port 110
  • enables clients to download email messages from POP server
41
Q

IMAP

A
  • internet message access protocol
  • port 143
  • enables clients to use different email clients running on different devices to access email
  • email synchronized between devices
42
Q

multihomed servers

A

servers with more than 1 interface

43
Q

RRAS

A
  • routing and remote access service
  • Windows server
  • configure IPv4/IPv6 routing
  • NAT
  • VPN
44
Q

UNIX/Linux RRAS services

A
  • IP routing via ip command
  • NAT configuration via iptables command
  • OpenVPN
45
Q

common virtualization solutions

A
  • VMware vSphere Hypervisor
  • Microsoft Hyper-V
  • Citrix Hypervisor
  • Oracle VM VirtualBox
46
Q

host in virtualization

A

hypervisor

47
Q

guest in virtualization

A

VM

48
Q

type 1 hypervisor

A
  • hypervisor has direct access to physical hardware
  • controls hardware resource access between VMs
  • bare-metal hypervisor
  • doesn’t rely on another OS (increased security)
  • Microsoft Hyper-V
  • VMware ESXi
49
Q

type 2 hypervisor

A
  • application that runs on top of existing OS
  • doesn’t have direct access to hardware
  • VMware Workstation Pro
  • Oracle VM VirtualBox
50
Q

hypervisor host configuration

A

type of IT workloads running in each VM is most important consideration

51
Q

VM guest configuration

A
  • similar to planning physical hardware for new server
  • amount of startup/minimum/maximum/dynamic memory
  • number of vCPUs and compatibility settings
  • storage
  • vNICs/connected virtual switches
  • virtual MAC address
  • network bandwidth throttling
  • VLAN tag settings
  • display settings for number of monitors/accelerated graphics
  • integration tools with host hypervisor for time synchronization/backup services/etc
  • snapshot/checkpoint settings
52
Q

bridging (VLAN tag settings)

A

connects to physical network

53
Q

NAT (VLAN tag settings)

A

uses hypervisor host IP address to access the network

54
Q

VM to VM (VLAN tag settings)

A

enable communication only between VMs

55
Q

VM and host (VLAN tag settings)

A

enables communications between VMs and hypervisor host

56
Q

server installation

A
  • hardware compatibility lists (HCLs)
  • provide details about which specific hardware is supported by a given server OS
  • also have to consider specific drivers/applications
  • server OS minimum requirements
57
Q

server licensing

A
  • open source (Ubuntu Linux)
  • per server models
  • per instance models
  • per core models
  • volume licensing (Microsoft Key Management Service)
  • subscription based licensing (AWS/O365/cloud)
  • per user concurrent licensing
  • node-locked (tied to specific device)
  • digital rights management (signature-based used for gaming/use of media files)
58
Q

installing type 1 hypervisor

A
  • most modern type 1 hypervisors require 64-bit architecture/virtualization support
  • not an issue with server class hardware
  • firmware updates (BIOS/UEFI) may be required before installation
  • may have to change boot order if installing from DVD/USB
59
Q

common server OS’s

A
  • Microsoft Windows Server
  • Microsoft Windows Server Embedded (purpose specific hardware appliances)
  • UNIX BSD/AIX/Solaris
  • Linux Red Hat/Ubuntu/SUSE
60
Q

server installation from an image

A
  • apply already created image to new physical server or VM
  • capture server OS image by booting from alternative media and using DISM
  • multiple images can be stored via Windows Imaging Format (WIM)
  • specify image with index DISM parameter
61
Q

server installation from image tools

A
  • Ghost Solution Suite
  • Microsoft System Center Configuration Manager
  • Microsoft Deployment Toolkit
  • Microsoft DISM.exe command line tool
62
Q

server cloning

A
  • option to create linked clone (uses minimal disk space/linked to original VM)
  • linked clone changes made after the clone is created are independent
  • option to create fully independent clone (uses more disk space)
  • work well when multiple VMs with same standard initial OS configuration are needed
  • physical-to-virtual (P2V) cloning uses physical server as the source/results in a VM with same settings
63
Q

VM deployment templates

A
  • can be used to partially/fully automate VM deployment
  • specify hardware details/OS options/network settings/etc

64
Q

scripted server installations

A
  • create answer file to automate some/all of the OS installation
  • unattend.xml file created via Windows System Image Manager (SIM)
  • name answer file tounattend.xml and place on root of removable media to be automatically read
65
Q

PXE booting

A
  • boot over network from a PXE
  • enables OS installation from image/installation files
  • can apply updates to source installation files before install via slipstreaming
  • must be supported by physical/VM BIOS/UEFI settings and NIC
  • must have PXE boot server listening on the network
  • relies on DHCP to assign IP settings to PXE clients
  • uses trivial file transfer protocol (TFTP) to download a small boot image OS used for installation/imaging
  • Microsoft Remote Installation Services (RIS)
  • Windows Deployment Services (WDS)
  • don’t have to carry around storage devices containing installation media
  • demanding on network bandwidth
66
Q

installation details

A
  • disk layout (partitioning/file system formats/swap file/partition)
  • server name
  • IP configuration settings
  • administrative user credentials
  • additional drivers for nonstandard hardware
  • product key or subscription details to activate installation/receive updates
  • additional software that should be installed
  • all of these can be included in Windows unattend.xml/autounattend.xml files
67
Q

server administration methods

A
  • GUI (MMC)
  • command line
  • physical serial ports
  • remote server administration tools (RSAT)
68
Q

KVM

A
  • switches connect servers to a single keyboard/video/mouse
  • KVM solution has to match connectors for devices

69
Q

out-of-band remote administration

A
  • provides hardware-level remote access to a host
  • doesn’t rely on OS software running
  • more secure than software-based tools
70
Q

WBEM

A
  • web-based enterprise management
  • standardized way of managing/monitoring servers/devices from different vendors

71
Q

LOM

A
  • lights out management
  • remote management solution supported by most vendors
  • monitoring of server components i.e. CPU use/temperature/OS health/etc
72
Q

KVM over IP

A
  • enables remote server access even over internet
  • can enable hardware level remote access if supported by server hardware
  • not dependent on underlying OS
  • TCP/IP settings must be configured at hardware level to enable remote access across WANs
73
Q

KVM-over-IP switches

A

hardware appliances with centralized management/auditing tools

74
Q

IPMI

A
  • intelligent platform management interface
  • remote server management solution
  • commonly used with various vendor blade enclosures
  • remote power on/off
  • disk access
  • server monitoring/inventory functionality
75
Q

BMC

A
  • baseboard management controller
  • interface between server management tools and physical hardware being managed

76
Q

iLO

A
  • integrated lights out
  • secure remote management capabilities
  • server monitoring/alert capabilities
77
Q

iDRAC

A
  • integrated Dell remote access
  • Dell servers
  • connect to servers at hardware level
  • web browser interface
  • remote power on/off
  • access to server storage media
78
Q

in-band remote administration

A

relies on software running within OS

79
Q

SSH

A
  • needs server-side listener for clients to be able to connect
  • standard listening port = TCP 22
  • typically used for command line management
  • can use public key authentication
80
Q

X-forwarding

A

can be enabled within SSH to redirect graphical UNIX/Linux applications to show on client computer

81
Q

RDP

A
  • listens on UDP/TCP 3389
  • newer versions of Windows Server support network level authentication (NLA) for RDP sessions
  • get command prompt when RDP into server with core OS installed
82
Q

benefits of NLA

A
  • entering username/password uses client resources (not server)
  • RDP sessions are encrypted with SSL certificate
83
Q

PowerShell

A
  • depends on Windows remote management (WinRM) service to be configured
  • desired state configuration (DSC) enables configuring/managing Windows/Linux hosts centrally via a declarative syntax
84
Q

WinRM port numbers

A

TCP 5985/5986

85
Q

using winrs command outside of PowerShell

A
  • execute commands remotely on Windows host
  • need to ensure WinRM has been enabled

86
Q

automating server administration via scripting

A
  • placing commands in 1 or more script files
  • invoking the script file
  • have script invoked automatically during machine bootstrap process
87
Q

server documentation

A
  • each server needs documentation and change log
  • ideally automated/inventoried in a database
  • vendor manuals
  • how solutions have been implemented
  • keep documentation secure/encrypted
88
Q

asset life cycle

A
  • complete process of establishing new server/resource all the way to decommission/upgrade
89
Q

asset inventory

A
  • modern systems for inventory are automated
  • physical equipment needs to be labeled or inscribed
  • RFID tags easier in large environments
90
Q

hardware inventory components

A
  • make/model/serial number
  • physical server owned/leased
  • motherboard/device serial numbers
  • physical/digital asset tag
  • RAM
  • storage
  • network interfaces
  • peripherals
91
Q

reasons for hardware inventory

A
  • inventory audits
  • asset tracking
  • determine asset use
  • asset repair/warranty
  • asset recall
  • asset security
92
Q

software inventory

A
  • specific version of OS/drivers/applications in use
  • software license compliance
  • should be automated on scheduled basis
93
Q

SLA

A
  • service level agreement
  • contract outlining expected service from a provider to consumer
  • uptime
  • response time
  • providers may offer credits when SLA isn’t met
94
Q

other documentation

A
  • network infrastructure diagrams
  • workflow/dataflow/application architecture diagrams
  • baseline documentation
  • recovery documentation
95
Q

maintaining servers

A
  • automation
  • firmware/software updates timely deployed
  • reports to confirm patches deployed successfully
96
Q

patch management

A
  • critical security updates
  • functionality updates
  • centralized update management
  • Windows Server Update Services (WSUS)
  • Microsoft System Center Updates Publisher (SCUP)
  • vendor specific patch management solutions
  • test updates in controlled environment before deploying them into production
97
Q

proactive maintenance

A
  • keep servers clear of dust
  • keep obstructions away from intake fans
  • keep servers cool
  • plug servers in UPS to ensure graceful shutdown
98
Q

reactive maintenance

A
  • LED indicators on equipment indicate potential issues
  • Error/beep codes

99
Q

DNS server root hints

A

allow for internet name resolution

100
Q

how to encrypt communications between web clients/server

A
  • issue PKI certificate for web server
  • install certificate on web server
  • clients don’t need PKI certificate for secured web server traffic