
Interview Tips, Preparation and Behavioral/Competency Based Interviews


 Interview Tips


Congratulations on securing an interview!

This is your opportunity to demonstrate your personal attributes, your strengths, personality, your ability to communicate and how you react under pressure.  Here are some tips to assist you in selling your assets:

Develop Rapport

To ensure effective communication, it is very important to develop a good rapport with the person interviewing you.  Of course, this is sometimes difficult, particularly if you “really want the job”.  However, you must relax – get that high-pitched or tense tone out of your voice – and appear to be calm and self-assured at all times.

One of the simplest ways of helping this is to smile a lot.  Yes, when appropriate, smile.  Not a grin but a genuine, warm smile.  Ask yourself seriously: do you smile during the course of conversation?

Ask Good Questions

This is a big tip!  Don’t just tell the interviewer how wonderful you are and how good your achievements have been.  Demonstrate that you have done your homework, that you are really listening and that you understand what’s going on.  You can do this by asking relevant questions about the department and the job in question.  Taking an interest in the big picture will have a positive influence on the interviewer.  If, in the limited time of an interview, you can ask one or two questions that actually make the interviewer think about the answer, or better still, maybe cover issues they hadn’t even thought of, then you really are on the home stretch.


Preparation Will Make or Break the Interview!


Preparation is the first essential step towards a successful interview. 

Be prepared to answer a couple of standard questions such as:

•What do you want to be doing in your career five years from now?  Ten years from now?
•What style of management gets the best from you?  Who was your best boss?  Why?
•What have you learnt from some of the jobs you have held?  What did you enjoy the most?  What did you enjoy the least?
•What have you done that shows initiative in your career?
•What are you looking for in your next role?

“Open probe” questions are different because they strike right at the heart of issues and require more than a yes/no answer.

•Why do you want to change roles?
Give a positive answer – confident, coherent and logical explanations are critical to the interview process.

•What is your greatest strength/weakness?
Have some answers ready – even weaknesses can be presented positively, especially if you are doing something about them.

•Why should you be successful in gaining this role?
Here’s a chance to review your strengths and show how you can make a big contribution.  Sell your benefits, not your features.

•How do you react to criticism?


Behavioral/Competency Based Interviews


Behavioral interviewing is based on the premise that past behavior is the best indicator of future behavior.  With a set of competencies identified beforehand, the interviewer will ask you to relate specific examples or situations where you have demonstrated a particular competency in the past.

For example, let’s say problem solving is a competency required for the role.  The interviewer may ask something like:

“Tell me about a time where you have solved a business problem?  What was the situation?  What was the outcome?”

The best way to answer these questions is to describe a specific example that demonstrates your ability in that area using the “STAR” technique to structure your response:

S – Situation
T – Task
A – Action
R – Result

So in answering the above question, an appropriate response may go something like this:

“The situation at XYZ Company when I first joined was that all employees had authority to speak to the media.  This created problems such as inconsistent message, inaccurate/untimely information release and an array of other undesirable consequences for the company’s image.  My task as Media & PR Manager was to build and maintain a positive corporate image so the action I took was to immediately implement a policy whereby only four nominated executives had authority to deal with the media and that all media and PR activity initiated outside my team was to be signed off by me.  I took the time to gain the buy-in of management and then all employees so that everyone was happy to adhere to the new policies.  The result was great – no more embarrassing situations and a far more positive attitude to our brand as evidenced by a recent independent survey”.

This answer clearly demonstrates the candidate’s ability to decisively and collaboratively solve a business problem.  The answer is also very succinct which means the interviewer is more likely to tune in to the entire response.  The interviewer can then drill down further to obtain more detail around the “how’s” and “why’s” of the example.

Great answers to interview questions are:

•Relevant
•Succinct
•Able to show clearly what you did and how you did it
•Delivered with an appropriate level of energy and enthusiasm
•Not “waffly”!

Closing the Interview


You have come to the end of the interview.  Don’t make the mistake of nervously mumbling “Thank You” and leaving.  Always be prepared to ask questions at the end of the interview – have at least one question that indicates you’ve been listening.  Of course, this is also a good opportunity to let the interviewer know that you are terribly keen on the job.  Don’t worry about appearing too eager – as long as you’re being yourself.  The interviewer is looking for an enthusiastic person, not someone who hasn’t decided if this is the right career for them.

If you have answered the two questions uppermost in the interviewer’s mind – “Why are you interested in the job?” and “What can you offer and can you do the job?” – you have done all you can.


Good luck – and enjoy!

Cyber Security Interview questions

Q1) Define Cybersecurity?

Ans. Cybersecurity refers to the protection of internet-connected systems such as software, hardware, electronic data, etc., from cyber attacks. In a computing context, it is referred to as protection against unauthorized access.

Q2) What is Cryptography?

Ans. Cryptography is a method to transform and transmit confidential data in an encoded way to protect the information from third parties for whom the data is not authorized.

Q3) What is the difference between Threat, Vulnerability, and Risk?

Ans.

•Threat: Someone with the potential to cause harm by damaging or destroying the official data of a system or organization.

Ex: Phishing attack

•Vulnerability: It refers to weaknesses in a system that make threat outcomes more possible and even more dangerous.

Ex: SQL injections, cross-site scripting

•Risk: It refers to a combination of threat probability and impact/loss. In simple terms, it is related to potential damage or loss when a threat exploits the vulnerability.

•Threat probability * Potential loss = Risk

Q4) What is Cross-Site Scripting and how it can be prevented?

Ans. Cross-Site Scripting is also known as a client-side injection attack, which aims at executing malicious scripts on a victim’s web browser by injecting malicious code.

The following practices can prevent Cross-Site Scripting:

•Encoding special characters

•Using XSS HTML Filter

•Validating user inputs

•Using Anti-XSS services/tools

Q5) What is the difference between IDS and IPS?

Ans. Intrusion Detection Systems (IDS)

It only detects intrusions but is unable to prevent intrusions. It's a monitoring system and it needs a human or another system to look at the results.

Intrusion Prevention Systems (IPS)

It detects and prevents intrusions. It’s a control system.

It needs a regularly updated database with the latest threat data.

Q6) What is a Botnet?

Ans.•A Botnet is a group of internet-connected devices such as servers, PCs, mobile devices, etc., that are affected and controlled by malware.

•It is used for stealing data, sending spam, performing distributed denial-of-service attack (DDoS attack), and more, and also to enable the user to access the device and its connection.

Q7) What is a CIA triad?

Ans. CIA (confidentiality, integrity, and availability) triad is a model designed to handle policies for information security within an organization.

Confidentiality - A collection of rules that limits access to information.

Integrity - It assures the information is trustworthy and reliable.

Availability - It provides reliable access to data for authorized people.

Q8) Symmetric Vs Asymmetric encryption.

Ans.

Symmetric Encryption

•Keys: Uses a single key to encrypt and decrypt information.

•Purpose: Preferred for transferring huge data.

•Speed: Symmetric encryption performs faster.

•Algorithms: AES, RC4, DES, QUAD, 3DES, Blowfish, etc.

Asymmetric Encryption

•Keys: Uses a pair of public and private keys to encrypt and decrypt information.

•Purpose: Mostly used for exchanging secret keys safely.

•Speed: Asymmetric encryption performs slower compared to symmetric encryption.

•Algorithms: Diffie-Hellman and RSA

Q9) What is the difference between hashing and encryption?

Ans. Both hashing and encryption are used to convert readable data into an unreadable format. The significant difference is that encrypted data can be transformed into original data by decryption, whereas hashed data cannot be processed back to the original data.

Q10) What is two-factor authentication and how it can be implemented for public websites?

Ans. •Two-factor authentication is also referred to as dual-factor authentication or two-step verification, where the user provides two authentication factors for protecting both user credentials and resources while accessing.

•The two-factor authentication can be implemented on public websites such as Twitter, Microsoft, LinkedIn, and more for enabling another protection on your already protected account with a password.

•For enabling this double factor authentication, you can easily go to settings and then manage security settings.

Q11) What is the use of a firewall and how it can be implemented?

Ans. A firewall is a security system used to control and monitor network traffic. It is used for protecting the system/network from malware, viruses, worms, etc., and secures unauthorized access from a private network.

The steps required to set up and configure the firewall are listed below:

•Change the default password for a firewall device.

•Disable the remote administration feature.

•Configure port forwarding for specific applications to function correctly, such as an FTP server or a web server.

•Firewall installation on a network with an existing DHCP server can cause errors unless its firewall’s DHCP is disabled.

•Make sure the firewall is configured to robust security policies.

Q12) What is the difference between vulnerability assessment and penetration testing?

•The terms Vulnerability assessment and penetration testing are both different, but serve an essential function of protecting network environment.

Vulnerability Assessment: It’s a process to define, detect, and prioritize the vulnerabilities in computer systems, network infrastructure, applications, etc., and provides the organization with the required information to fix the flaws.

Penetration Testing: It is also called pen testing or ethical hacking. It’s a process of testing a network, system, application, etc. to identify vulnerabilities that attackers could exploit. In the context of web application security, it is most widely used to augment a web application firewall (WAF).

Q13) What is the difference between stored and reflected XSS?

Ans. •Stored XSS Attacks - The attacks where the injected scripts are stored on the target servers permanently. In this, the victim retrieves the malicious script from the server when it requests the stored information.

•Reflected XSS Attacks - In this, the user has to send the request first, then it will start running on the victim’s browser and reflects results from the browser to the user who sent the request.

Q14) What is a three-way handshake process?

Ans. A three-way handshake process is used in a TCP (Transmission Control Protocol) network for transmission of data in a reliable way between the host and the client. It’s called a three-way handshake because three segments are exchanged between the server and the client.

SYN : The client wants to establish a connection with the server, and sends a segment with SYN(Synchronize Sequence Number) to the server if the server is up and has open ports.

SYN + ACK : The server responds to the client request with SYN-ACK signal bits set if it has open ports.

ACK : The client acknowledges the response of a server and sends an ACK(Acknowledgment) packet back to the server.

Q15) What are HTTP response codes?

Ans. HTTP response codes display whether a particular HTTP request has been completed.

•1xx (Informational) - The request has been received, and the process is continuing.

•2xx (Success) - The request was successfully received and accepted.

•3xx (Redirection) - Further action must be taken to complete it.

•4xx (Client Error) - Request cannot be fulfilled or has incorrect syntax.

•5xx (Server Error) - Server fails to fulfill the request.

Q16) What are the techniques used in preventing a Brute Force Attack?

Ans. Brute Force Attack is a trial and error method that is employed for application programs to decode encrypted data such as data encryption keys or passwords using brute force rather than using intellectual strategies. It’s a way to identify the right credentials by repetitively attempting all the possible methods.

Brute Force attacks can be avoided by the following practices:

•Adding password complexity: Include different formats of characters to make passwords stronger.

•Limit login attempts: set a limit on login failures.

•Two-factor authentication: Add this layer of security to avoid brute force attack.

Q17) List the common types of cybersecurity attacks.

Ans. The following are the most common types of cybersecurity attacks:

•Malware

•SQL Injection Attack

•Cross-Site Scripting (XSS)

•Denial-of-Service (DoS)

•Man-in-the-Middle Attacks

•Credential Reuse

•Phishing

•Session Hijacking

Q18) Define data leakage and its types?

Ans. Data Leakage refers to the illegal transmission of data to an external destination or unauthorized entity within an organization. It can transfer data either physically or electronically. It usually occurs via the web, emails, and mobile data storage devices.

Types of data leakage:

1. The Accidental Breach - Majority of data leakage incidents are accidental.

Ex: An entity may choose the wrong recipient while sending confidential data.

2. The Disgruntled or ill-intentioned Employee - The authorized entity sends confidential data to an unauthorized body.

3. Electronic Communications with Malicious Intent - The problem is all the electronic mediums are capable of file transferring and external access sources over the internet.

Q19) What is the use of Traceroute?

Ans. A Traceroute is a network diagnostic tool, used for tracking the pathway of an IP network from source to destination. It records the period of each hop the packet makes while en route to its destination.

Q20) How to prevent CSRF attacks?

Ans. CSRF is referred to as Cross-site Request Forgery, where an attacker tricks a victim into performing actions on their behalf.

CSRF attacks can be prevented by using the following ways:

•Employing the latest antivirus software which helps in blocking malicious scripts.

•While authenticating to your banking site or performing any financial transactions on any other website do not browse other sites or open any emails, which helps in executing malicious scripts while being authenticated to a financial site.

•Never save your login/password within your browser for financial transactions.

•Disable scripting in your browser.

Q21) What is port scanning?

Ans. Port scanning is an application designed for identifying open ports and services accessible on a host network. It is mostly utilized by security administrators for exploiting vulnerabilities, and also by hackers for targeting victims.

Some of the most popular port scanning techniques are listed below:

•Ping scan

•TCP connect

•TCP half-open

•Stealth scanning – NULL, FIN, X-MAS

•UDP


Q22) What is the need for DNS monitoring?

Ans.

•DNS (Domain Name System) is a service that is used for converting user-friendly domain names into computer-friendly IP addresses. It allows a website to be reached under a particular domain name which is easy to remember.

•DNS monitoring is nothing but monitoring DNS records to ensure that they route traffic properly to your website, electronic communication, services, and more.

Q23) What is the difference between hashing and salting?

Ans.

•Hashing is mainly used for authentication and is a one-way function where data is mapped to a fixed-length value.

•Salting is an extra step for hashing, where an additional value is added to passwords, which changes the hash value created.
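To make the hashing/salting difference concrete, here is an added example (not from the original page) that stores the same password for two users with and without a salt. It uses PBKDF2-HMAC-SHA256 from Python's standard library as the salted scheme; the iteration count, the sample passwords and the function names are assumptions chosen for the illustration.

```python
import hashlib
import hmac
import os
from typing import Optional, Tuple

PBKDF2_ITERATIONS = 200_000   # assumed work factor for this illustration
SALT_BYTES = 16

# Constructed sample data: a tiny list of commonly chosen passwords.
COMMON_PASSWORDS = ["123456", "password1", "qwerty"]


def unsalted_hash(password: str) -> str:
    """One-way, fixed-length digest: equal passwords always give equal output."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def hash_password(password: str, salt: Optional[bytes] = None) -> Tuple[bytes, bytes]:
    """Return (salt, derived_key). A fresh random salt is generated per password."""
    if salt is None:
        salt = os.urandom(SALT_BYTES)
    key = hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"),
                              salt, PBKDF2_ITERATIONS)
    return salt, key


def verify_password(password: str, salt: bytes, expected_key: bytes) -> bool:
    """Re-derive with the stored salt and compare in constant time."""
    _, key = hash_password(password, salt)
    return hmac.compare_digest(key, expected_key)


def compare_stores() -> dict:
    """Two constructed users pick the same password; compare what each store reveals."""
    users = ("alice", "bob")
    unsalted = {u: unsalted_hash("password1") for u in users}
    salted = {u: hash_password("password1") for u in users}

    # A table of digests computed once in advance for common passwords.
    precomputed = {unsalted_hash(p): p for p in COMMON_PASSWORDS}

    return {
        # Without a salt, identical passwords are visible as identical digests...
        "unsalted_digests_equal": unsalted["alice"] == unsalted["bob"],
        # ...and a precomputed table resolves them directly.
        "unsalted_found_in_table": unsalted["alice"] in precomputed,
        # With per-user salts, the stored values differ and the table is useless.
        "salted_keys_equal": salted["alice"][1] == salted["bob"][1],
        "salted_found_in_table": salted["alice"][1].hex() in precomputed,
        # Verification still works because the salt is stored next to the key.
        "correct_password_verifies": verify_password("password1", *salted["alice"]),
        "wrong_password_verifies": verify_password("password2", *salted["alice"]),
    }


if __name__ == "__main__":
    for name, value in compare_stores().items():
        print(f"{name}: {value}")
```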

Q24) How to prevent ‘Man-in-the-Middle Attack’?

Ans. The following practices prevent the ‘Man-in-the-Middle Attacks’:

•Having stronger WAP/WEP encryption on wireless access points keeps out unauthorized users.

•Use a VPN for a secure environment to protect sensitive information. It uses key-based encryption.

•Public key pair based authentication must be used in various layers of a stack for ensuring whether you are communicating with the right things or not.

•HTTPS must be employed for securely communicating over HTTP through the public-private key exchange.

Q25) What are the common methods of authentication for network security?

Ans.

•Biometrics - It is a known and registered physical attributes of a user specifically used for verifying their identity.

•Token - A token is used for accessing systems. It makes it more difficult for hackers to access accounts as they have long credentials.

•Transaction Authentication - A one time pin or password is used in processing online transactions through which they verify their identity.

•Multi-Factor Authentication - It’s a security system that needs more than one method of authentication.

•Out-of-Band Authentication - This authentication needs two different signals from two different channels or networks. It prevents most of the attacks from hacking and identity thefts in online banking.

Q26) Which is more secure SSL or HTTPS?

Ans.

•SSL (Secure Sockets Layer) is a secure protocol which provides safer conversations between two or more parties across the internet. It works on top of the HTTP to provide security.

•HTTPS (Hypertext Transfer Protocol Secure) is a combination of HTTP and SSL to provide a safer browsing experience with encryption.

•In terms of security, SSL is more secure than HTTPS.

Q27) What is the difference between black hat, white hat, and grey hat hackers?

Ans.•Black-hat hacker is a person who tries to obtain unauthorized access into a system or a network to steal information for malicious purposes.

•White-hat hackers are also known as ethical hackers; they are well-versed with ethical hacking tools, methodologies, and tactics for securing organization data. They try to detect and fix vulnerabilities and security holes in the systems. Many top companies recruit white hat hackers.

•Grey hat hacker is a computer security expert who may violate ethical standards or rules sometimes, but does not have the malicious intent of a black hat hacker.

Q28) What is cognitive security?

Ans. Cognitive security is one of the applications of AI technologies that is used explicitly for identifying threats and protecting physical and digital systems based on human understanding processes.

Self-learning security systems use pattern recognition, natural language processing, and data mining to mimic the human brain.

Q29) What is phishing and how it can be prevented?

Ans. Phishing is a malicious attempt of pretending oneself as an authorized entity in electronic communication for obtaining sensitive information such as usernames, passwords, etc. through fraudulent messages and emails.

The following practices can prevent phishing:

•Use firewalls on your networks and systems.

•Enable robust antivirus protection that has internet security.

•Use two-factor authentication wherever possible

•Maintain adequate security.

•Don't enter sensitive information such as financial or digital transaction details on web pages that you don't trust.

•Keep yourself updated with the latest phishing attempts.

Q30) What is SQL injection and how it can be prevented?

Ans. SQL Injection (SQLi) is a type of code injection attack where it manages to execute malicious SQL statements to control a database server behind a web application. Attackers mostly use this to avoid application security measures and thereby access, modify, and delete unauthorized data.

The following ways will help you to mitigate or prevent SQL injection attacks:

•Include Prepared Statements (with Parameterized Queries)

•Use Stored Procedures

•Validate user input

•Hide data from the error message

•Update your system

•Store database credentials separate and encrypted

•Disable shell and any other functionalities you don’t need
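The first, third and fourth items of this list (parameterized queries, input validation, hiding error details), shown side by side with the string-built query they replace. This is an added example, not code from the original page; the `users` table, the sample rows, the allow-list pattern and the function names are assumptions constructed for the illustration, using Python's built-in `sqlite3` with an in-memory database.

```python
import re
import sqlite3

# Assumed allow-list policy for usernames (illustrative, not from the page).
USERNAME_RE = re.compile(r"^[A-Za-z0-9_]{1,32}$")

# Constructed input that changes the meaning of a string-built query.
INJECTION_SAMPLE = "nobody' OR '1'='1"


def make_db():
    """In-memory database with constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (id INTEGER PRIMARY KEY, username TEXT, note TEXT)")
    conn.executemany(
        "INSERT INTO users (username, note) VALUES (?, ?)",
        [("alice", "alice-note"), ("bob", "bob-note")],
    )
    return conn


def lookup_vulnerable(conn, username):
    """BEFORE: user input is concatenated into the SQL text, so it is parsed as SQL."""
    query = "SELECT username, note FROM users WHERE username = '" + username + "'"
    return conn.execute(query).fetchall()


def lookup_parameterized(conn, username):
    """AFTER: the value is bound to a placeholder and is only ever treated as data."""
    return conn.execute(
        "SELECT username, note FROM users WHERE username = ?", (username,)
    ).fetchall()


def lookup_hardened(conn, username):
    """Parameterized query plus input validation and a generic error message."""
    if not USERNAME_RE.fullmatch(username):
        return {"ok": False, "error": "invalid username", "rows": []}
    try:
        rows = lookup_parameterized(conn, username)
    except sqlite3.Error:
        # Log the real exception server-side; never echo driver errors to the client.
        return {"ok": False, "error": "lookup failed", "rows": []}
    return {"ok": True, "error": None, "rows": rows}


if __name__ == "__main__":
    db = make_db()
    print("vulnerable   :", lookup_vulnerable(db, INJECTION_SAMPLE))
    print("parameterized:", lookup_parameterized(db, INJECTION_SAMPLE))
    print("hardened     :", lookup_hardened(db, INJECTION_SAMPLE))
    print("hardened ok  :", lookup_hardened(db, "alice"))
```

With the constructed input, the string-built query returns every row, while the parameterized query looks for a user literally named `nobody' OR '1'='1` and finds none.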

 

Q31) How will you keep yourself updated with the latest cybersecurity news?

Ans. The following ways will help you to keep up with the latest cybersecurity updates:

•Follow news websites and blogs from security experts.

•Browse security-related social media topics.

•Check vulnerability alert feeds and advisory sites.

•Attend cybersecurity live events.

 

Q32) What is a DDOS attack and how to stop and prevent them?

Ans. A DDOS (distributed denial-of-service) attack is a malicious attempt at disrupting the regular traffic of a network by flooding it with a large number of requests and making the server unavailable to the appropriate requests. The requests come from several unauthorized sources and hence it is called a distributed denial of service attack.

The following methods will help you to stop and prevent DDOS attacks:

•Build a denial of service response plan

•Protect your network infrastructure

•Employ basic network security

•Maintain strong network architecture

•Understand the Warning Signs

•Consider DDoS as a service

 

Q33) What do you understand by compliance in Cybersecurity?

Ans.

•Compliance means living by a set of standards set by organization/government/independent party.

•It helps in defining and achieving IT targets and also in mitigating threats through processes like vulnerability management.

 

Q34) What is the use of Patch Management?

Ans.

•The purpose of patch management is to keep updating various systems in a network and protect them against malware and hacking attacks.

•Many enterprise patch management tools manage the patching process by installing or deploying agents on a target computer, and they provide a link between the centralized patch server and the computers to be patched.

Q35) What is the difference between a false positive and false negative in IDS?

Ans.

•A false positive is considered to be a false alarm and false negative is considered to be the most complicated state.

•A false positive occurs when an IDS fires an alarm for legitimate network activity.

•A false negative occurs when IDS fails to identify malicious network traffic.

Comparing the two, a false positive is more acceptable than a false negative, as false negatives lead to intrusions going unnoticed.

Q36) what is the difference between the Red team and Blue team?

Ans.

•Red team and blue team refers to cyber warfare. Many organizations split the security team into two groups as red team and blue team.

•The red team refers to an attacker who exploits weaknesses in an organization's security.

•The blue team refers to a defender who identifies and patches vulnerabilities into successful breaches.

Q37) Explain System hardening?

Ans.

•Generally, system hardening refers to a combination of tools and techniques for controlling vulnerabilities in systems, applications, firmware, and more in an organization.

•The purpose of system hardening is to decrease the security risks by reducing the potential attacks and condensing the system’s attack surface.

The following are the various types of system hardening:

1.Database hardening

2.Operating system hardening

3.Application hardening

4.Server hardening

5.Network hardening

Q38) What is a cybersecurity risk assessment?

Ans. A cybersecurity risk assessment refers to detecting the information assets that are prone to cyber attacks (including customer data, hardware, laptops, etc.) and also evaluating the various risks that could affect those assets.

It is mostly performed to identify, evaluate, and prioritize risks across organizations.

The best way to perform cybersecurity risk assessment is to detect:

•Relevant threats in your organization

•Internal and external vulnerabilities

•Evaluate vulnerabilities impact if they are exploited

Q39) What are the seven layers of the OSI model?

Ans. The main objective of the OSI model is to process the communication between two endpoints in a network.

The seven open systems interconnection layers are listed below:

Application layer (layer 7) - It allows users to communicate with network/application whenever required to perform network-related operations.

Presentation layer (layer 6) - It manages encryption and decryption of data required for the application layer. It translates or formats data for the application layer based on the syntax of the application that accepts.

Session layer (layer 5) - It determines the period of a system that waits for other application to respond.

Transport layer (layer 4) - It is used for sending data across a network and also offers error checking practices and data flow controls.

Network layer (layer 3) - It is used to transfer data to and fro through another network.

Data-link layer (layer 2) - It handles the flow of data to and fro in a network. It also controls problems that occur due to bit transmission errors.

Physical layer (layer 1) - It transfers the computer bits from one device to another through the network. It also controls how physical connections are set up to the network and how bits are represented as signals while transmitting optically, electrically, or by radio waves.

Q40) What are the several indicators of compromise(IOC) that organizations should monitor?

Ans. The key indicators of compromise that organizations should monitor are listed below:

•Unusual Outbound Network Traffic

•HTML Response Sizes

•Geographical Irregularities

•Increases in Database Read Volume

•Log-In Red Flags

•Unexpected Patching of Systems

•Large Numbers of Requests for the Same File

•Web Traffic with Unhuman Behavior

•Suspicious Registry or System File Changes

•Unusual DNS Requests

•Mobile Device Profile Changes

•Bundles of Data in the Wrong Place

•Mismatched Port-Application Traffic

•Signs of DDoS Activity

•Anomalies in Privileged User Account Activity




EXAMPLE BEHAVIOURAL INTERVIEW QUESTIONS

Below is a list of commonly asked behavioural interview questions which highlight specific competencies and behavioural traits in the workplace. 

Initiative

• Tell me about any ideas or processes that you have implemented in your current job.

• Have you ever suggested a new way to improve your team/project’s performance? 

Problem Solving

• Tell me about a complex problem you have solved. Walk me through the process you took.

• Tell me about a potential problem you have prevented from occurring.

Leadership Skills

• How do you go about allocating work for your staff? Can you give me an example?

• Tell me about a time when you have provided coaching to one of your staff.

• Tell me about a time when you have had staff members resist your leadership. What did you do to overcome this?

Decision Making

• Tell me about a recent decision you have made in your role. Walk me through your thought processes.

• What is the most difficult decision you have made in your current role? 

Team Skills

• Tell me about a time when you had to work with a team of people you did not know.

• Tell me about a specific situation where you were able to help out a team member or colleague.

Project Management

• Tell me about a project you have managed recently. Walk me through your planning and tracking process.

• Tell me about a project you managed that didn’t go to plan.

Analysis Skills

• Tell me about a project where you were asked to gather and evaluate complex information.

• Tell me about a time when you were asked to make a recommendation based on statistical information.

Time Management

• Tell me about a specific situation when you managed conflicting priorities. What did you do?

• Tell me about a time when the project you were working on seemed in danger of missing a deadline. What did you do?

Building Rapport

• Tell me about a time when you have had to deal with a difficult customer/colleague. What happened? What was difficult about them?

Quick Learner

• Tell me about a time in your current role when you had to learn new skills quickly.

Negotiation Skills

• Tell me about a difficult negotiation that you had to handle.

AD Active Directory Interview Questions and Answers

What is Active Directory?

Active Directory (AD) is a directory service developed by Microsoft, used to store objects such as users, computers, printers and network information. It helps you manage your network effectively with multiple Domain Controllers in different locations sharing the AD database: a change can be made on any Domain Controller and is replicated to all other DCs. It provides centralized administration across multiple geographical locations and authenticates users and computers in a Windows domain.

What is LDAP and how is LDAP used in Active Directory (AD)?

What is Tree?
A Tree is a hierarchical arrangement of Windows Domains that share a contiguous name space

What is Domain?
Active Directory Domain Services is Microsoft’s Directory Server. It provides authentication and authorization mechanisms as well as a framework within which other related services can be deployed

What is Active Directory Domain Controller (DC)?
A Domain Controller is the server which holds the AD database. All AD changes get replicated to the other DCs and vice versa

What is Forest?
A Forest consists of multiple Domain trees. The Domain trees in a forest do not form a contiguous name space, however they share a common schema and global catalog (GC)

What is Schema?
The Active Directory schema is the set of definitions that define the kinds of objects, and the types of information about those objects, that can be stored in Active Directory
The Active Directory schema is a collection of object classes and their attributes
Object Class = User
Attributes = first name, last name, email, and others

Can we restore a schema partition?


Tell me about the FSMO roles?
Schema Master
Domain Naming Master
Infrastructure Master
RID Master
PDC
Schema Master and Domain Naming Master are forest-wide roles, with only one of each available per Forest. The other roles are Domain-wide, one for each Domain
AD replication is multi-master replication: a change can be made on any Domain Controller and gets replicated to the other Domain Controllers. The five roles above are the exception. They are flexible single master operations (FSMO): these changes can only be made on a dedicated Domain Controller, so this is single-master replication

How to check which server holds which role?
Netdom query FSMO

Which FSMO role is the most important? And why?
An interesting question: which of the 5 FSMO roles is the most important, or which role will impact the end user immediately if it fails?
Most amateur administrators pick the Schema Master role. Not sure why; maybe they thought the schema is very critical to running Active Directory.
The correct answer is the PDC. The next question is why. To find the answer, the following explains role by role what happens when a FSMO role holder fails.

Schema Master – The Schema Master is needed to update the schema. We don't update the schema daily, so when do we update it? During an operating system migration, when installing a new Exchange version, or when installing any other application which requires extending the schema.
So if the Schema Master server is not available, we can't update the schema, but this in no way affects Active Directory operation or the end user.
The Schema Master needs to be online and ready when a schema change is made, so we can plan and have more time to bring the Schema Master server back.

Domain Naming Master – The Domain Naming Master is required for creating a new domain and for creating an application partition. As with the Schema Master, we don't create domains and application partitions frequently.
So if the Domain Naming Master server is not available, we can't create a new domain or application partition. It may not affect the user; the user is not even aware that the Domain Naming Master server is down.

Infrastructure Master – The Infrastructure Master handles cross-domain updates. What is actually updated between domains? Whenever a user logs in to the domain, a TGT is created with the list of access the user has through group membership (the user's group membership details); it also contains the user's membership details from trusted domains. The Infrastructure Master keeps this information up to date: it updates reference information every 2 days by comparing its data with the Global Catalog (that's why we don't keep the Infrastructure Master and the GC on the same server).
In a single-domain, single-forest environment there is no impact if the Infrastructure Master server is down.
In a multi-domain and multi-forest environment there will be an impact, but we have enough time to fix the issue before it affects the end user.

RID Master – Every DC is initially issued 500 RIDs by the RID Master server. RIDs are used to create new objects in Active Directory: every new object is created with a Security ID (SID), and the RID is the last part of the SID. The RID uniquely identifies a security principal relative to the local or domain security authority that issued the SID.
When a DC's pool gets down to 250 (50%), it requests a second pool of RIDs from the RID Master. If the RID Master server is not available, RID pools cannot be issued to DCs, and a DC can create new objects only as long as it has RIDs available. Every DC has anywhere between 250 and 750 RIDs available, so there is no immediate impact.

PDC – The PDC is required for time sync, user login, password changes and trusts. Now you know why the PDC is the important FSMO role holder to get back online: a PDC failure impacts the end user immediately, and we need to recover it ASAP.
The PDC emulator acts as the Primary Domain Controller for backwards compatibility. It is responsible for time synchronization within a domain and is also the password master. Any password change is replicated to the PDC emulator ASAP. If a logon request fails due to a bad password, the logon request is passed to the PDC emulator to check the password before the login request is rejected.

Tell me about the Active Directory database and list the Active Directory database files?
NTDS.DIT
EDB.Log
EDB.chk
Res1.log and Res2.log
AD changes are not written directly to the NTDS.DIT database file. They are written first to EDB.Log, and from the log file to the database. EDB.chk is used to track the database updates from the log file, to know which changes have been copied to the database file.
NTDS.DIT: NTDS.DIT is the AD database and stores all AD objects. The default location is %SystemRoot%\NTDS\ntds.dit. The Active Directory database engine is the Extensible Storage Engine, which is based on the Jet database.
EDB.Log: EDB.Log is the transaction log file. When EDB.Log is full, it is renamed to EDBnum.log, where num is an increasing number starting from 1, like EDB1.Log.
EDB.chk: EDB.chk is the checkpoint file used to track the data not yet written to the database file. It indicates the starting point from which data is to be recovered from the log file in case of failure.
Res1.log and Res2.log: Res is the reserved transaction log file, which gives the transaction log file enough time to shut down if the disk does not have enough space.

Active Directory restore types?
Authoritative restore
Non-authoritative restore

Non-authoritative restore of Active Directory
A non-authoritative restore returns the domain controller to its state at the time of backup, and allows normal replication to overwrite the restored domain controller with any changes that have occurred after the backup. After the system state restore, the domain controller queries its replication partners and gets the changes made after the backup date, to ensure that the domain controller has an accurate and updated copy of the Active Directory database.
Non-authoritative restore is the default method for restoring Active Directory. A plain restore of system state is a non-authoritative restore, and we mostly use it for Active Directory data loss or corruption.

How to perform a non-authoritative restore?
Just start the domain controller in Directory Services Restore Mode and perform a system state restore from backup.

Authoritative restore of Active Directory
An authoritative restore is the next step after the non-authoritative restore process. We have to do a non-authoritative restore before we can perform an authoritative restore. The main difference is that an authoritative restore can increment the version number of the attributes of all objects, or of an individual object, in an entire directory; this is what makes the restored object authoritative in the directory. It can be used to restore a single deleted user or group, and even an entire OU.
In a non-authoritative restore, after a domain controller is back online, it contacts its replication partners to determine any changes since the time of the last backup. In an authoritative restore, however, the version number of the object attributes that you want to be authoritative will be higher than the existing version numbers of those attributes, so the object on the restored domain controller appears to be more recent and the restored object is therefore replicated to the other domain controllers in the domain.

How to perform an authoritative restore?
Unlike a non-authoritative restore, an authoritative restore needs Ntdsutil.exe to increment the version number of the object attributes.

Which Active Directory partitions can be restored?
You can authoritatively restore only objects from configuration and domain partition. Authoritative restores of schema-naming contexts are not supported.

How many domain controllers need to be backed up? Or which domain controllers should be backed up?
The minimum requirement is to back up two domain controllers in each domain. One should be an operations master role holder DC. There is no need to back up the RID Master (relative ID), because the RID master should not be restored.

Job interview - reducing anxiety

 
Many of us find job interviews to be anxiety inducing events. For some, this is a real problem as it creates nervousness, the interviewee can stammer through the answers, and get so worked up that they quite simply fail the interview (even before they have started). If you have a job interview coming up, there are many tools to use that will help put your mind at ease, and keep you focused.

Prepare and take notes in with you

Those who take a file and interview notes with them into the interview will benefit from an increased feeling of confidence. Remember, taking notes into an interview isn't frowned upon - it's a smart way of preparing for a meeting. Having notes will give you an instant boost of confidence, a support mechanism, and will also ensure that you are much better equipped for each stage of the interview.

Prepare for the interview

Complete research into the company, its market, competitors and what the job you are applying for entails. Try to obtain a full job description from the recruiting manager prior to the interview. Prepare your file one or two days before the interview (giving yourself plenty of time). Ensure you include a copy of your resume, job description, supporting documentation and notes. Know that you will need to sell your skills, and ensure you have these skills noted mentally or physically on paper. Remember, the more preparation you do, the more confident and calm you will be on the day.

Try to relax, it's only an interview

An interview is merely a way for two people to determine if they will be a good match for each other, and the job interview is just a sharing of information. It's also as much about you interviewing them, as it is about them interviewing you. Try not to lose sight of this point.

It's so important that you don't worry about your personality, and how you are coming across. Stick to your interview plan and interview notes.


Tips and tricks to reduce physical and emotional stress

  • Practice simple breathing techniques;
  • If possible, undertake 30 minutes' worth of exercise in the morning (but no less than 2 hours before the interview);
  • Listen to relaxing music and calm yourself;
  • Do not smoke or drink caffeine for at least 2 hours before;
  • Make constructive conversation with friends;
  • If you feel yourself getting tense in the interview, be conscious of this and try to relax your shoulders.

And finally...

Try to learn from each interview. Ask for feedback and try to adjust your style to suit a wider audience. If you still feel interview nerves are a weakness, then try to seek professional help from a trained advisor. It will be money well spent.

DNS Interview Questions and Answers Windows Server

What is Domain Name System (DNS)?
Domain Name System is a service that resolves names to IP addresses and IP addresses to names. DNS is also used to locate servers, computers and services on your network. DNS is the backbone of Active Directory, and it can be installed on a Windows server that is either standalone or a Domain Controller.

What is Static and Dynamic DNS Record?
A manually created DNS entry is called a static record, and a record created automatically by the system or DHCP itself is called a dynamic DNS record. Static records are not easy to manage, because IP address changes are not updated automatically; we have to update them manually.

What is Dynamic DNS (DDNS)?
Dynamic DNS or DDNS is a method of updating a DNS record. DDNS is preferred by most organizations since it's easy to maintain and you always get the latest updated IP address of the servers and computers.

What are the record types in DNS?
DNS has many types of records. A records, or host records, are known to almost everyone; the record types in DNS are explained below.

A (Address) Maps a host name to an IP address, for example Compute1 pointing to 192.168.100.100. When a computer has multiple adapter cards and IP addresses, it should have multiple address records.

CNAME (Canonical Name) Sets an alias for a host name. It is a record pointing to a different record: for example, www.support.windowstricks.in can have the alias www.windowstricks.in, so both records point to the same page.

MX (Mail Exchange) Specifies a mail exchange server for the domain, used for mail delivery which allows mail to be delivered to the correct mail servers

NS (Name Server) Specifies a name server for the domain, which is authoritative servers for the respective DNS Zone and allows DNS lookups within all DNS zones

PTR (Pointer) Creates a pointer that maps an IP address to a host name for reverse lookups.

SOA (Start of Authority) Declares the host that is the most authoritative for the zone and, as such, is the best source of DNS information for the zone. Each zone file must have an SOA record (which is created automatically when you add a zone)


What is Caching Only Server?
Caching-only servers are those DNS servers that only perform name resolution queries, cache the answers, and return the results to the client. Once the answer to a query is stored in the cache, the next time the query is resolved locally from the cache instead of going to the actual site.

What are a Forward and Reverse Lookup?
  • Forward Lookup: Searching for an A record. A name query sent to the DNS server to obtain an IP address is generally called a forward lookup.
  • Reverse Lookup: Searching for PTR records, which provide the reverse lookup process, enabling clients to use a known IP address during a name query and look up a computer name based on its address.

What is Primary DNS zone?
This is the readable and writable copy of a zone file in the DNS namespace. It is the primary source of information about the zone, and it stores the master copy of the zone data in a local file or in AD DS. By default the primary zone file is named zone_name.dns, in the Windows\System32\DNS folder on the server.
If it is an AD-integrated zone, then all the records are stored in the domain partition on the Domain Controllers.

What is Secondary DNS zone?
This is the read-only copy of a zone file in the DNS namespace. It is a secondary source of information about the zone, and it gets updated information from the master copy in the primary zone. Network access must be available to connect to the primary server. A secondary zone is merely a copy of a primary zone that is hosted on another server, and a secondary zone cannot be stored in AD.


What is stub DNS Zone?
A stub zone is a read-only copy of a zone that contains only those resource records which are necessary to identify the authoritative DNS servers for that particular zone. A stub zone is also used like DNS forwarding, and in practice it is used to resolve names between separate DNS namespaces. This type of zone is generally created after a corporate merger or acquisition, when the DNS servers for two separate DNS namespaces must resolve names for clients in both namespaces.

A stub zone contains:
The start of authority (SOA) resource record, name server (NS) resource records, and the glue A resource records for the delegated zone.
The IP address of one or more master servers that can be used to update the stub zone

What is Aging and Scavenging?
Aging and scavenging is a DNS server feature that supports a mechanism for cleaning up and removing stale resource records, which can accumulate in zone data over time. It helps to maintain the dynamic DNS environment by regularly deleting stale resource records from the DNS database. Some problems associated with stale records are: unnecessary space utilization, long zone transfers, wrong resolution of client queries due to stale data, and degraded DNS server performance as stale records accumulate. These stale record problems can be resolved by the aging and scavenging features. Before using the aging and scavenging features of DNS, some conditions must be met:
1) Aging and scavenging features must be enabled on the DNS server and on the zone. By default, they are not enabled.
2) Resource records must be added dynamically to the zone or manually modified to be used in operations of aging and scavenging.

Aging
Aging is the process of identifying stale DNS records. It uses two intervals:
1) Non-Refresh interval
2) Refresh interval

Non-Refresh interval
This is the time period in which the resource records cannot be refreshed. It can be used to reduce the replication traffic in this time period to avoid the replication of the same information again.

Refresh interval
This is the time period in which the resource records can be refreshed.
Resource record refresh: This is a DNS dynamic update without changing the hostname and IP address.
If the non-refresh interval and refresh interval are 7 days, then the resource records can be considered as stale if not refreshed after 14 days. If the non-refresh interval and refresh interval are elapsed, then the resource records can be refreshed as long as they are not removed from the DNS zone. Aging uses a resource record time-stamp to identify if the record is stale or not.
Resource records having timestamp zero: These records are static records that are not stale records.
Resource records having timestamp not equal to zero: These records are dynamic records which represent the hour of the last refresh date.

Scavenging
Scavenging is the process of removing and cleaning up stale resource records from the DNS zone. Stale resource records are removed only if scavenging is enabled on the resource record, on the zone where the resource record exists, and on at least one DNS server hosting the primary copy of the resource records.
Scavenging can be set in three places:
1) Individual record
2) Zone
3) Server
If scavenging is set on the zone, it works only for dynamic records. It works for manual entries only if it's enabled for the zone. Once scavenging is set on the zone, this enables it on the DNS servers. The DNS server where the scavenging option is enabled is responsible for scavenging the records. The server logs DNS event 2501 to indicate the number of scavenged records, and it logs DNS event 2502 if no records were scavenged.

Scavenging formula:
Record timestamp + no-refresh interval for zone + refresh interval for zone
If the sum of these values is greater than the server time (the current date and time on the DNS server), no action is taken and the records are not deleted from the zone. If the sum is less than the server time, the records are deleted.

Aging and scavenging process for a sample record
Consider a DNS host "host-a.example.microsoft.com" that registers its host resource record on a DNS server where aging and scavenging are enabled. The DNS server sets a time stamp for this record based on the current server time at the time of registration. The DNS server does not refresh the resource record for the duration of the non-refresh interval. It can still update the record before the non-refresh interval expires if there is a change, such as a new IP address for the host, and it resets the time stamp accordingly. The DNS server refreshes the record after the non-refresh interval expires. During and after the refresh interval, if any update comes in, the server accepts it and refreshes the record. During each subsequent scavenging run, the server examines the records and compares each one to the server time, using the scavenging formula, to determine whether the record should be removed.
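The aging and scavenging rules above, worked through for the sample record as an added example (a Python model written for this page, not Microsoft DNS server code). The 7-day intervals, the host name, the A-record address and the event IDs come from the text; the dates, the static record and the function names are constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

NO_REFRESH = timedelta(days=7)   # zone non-refresh interval (value used in the text)
REFRESH = timedelta(days=7)      # zone refresh interval (value used in the text)


@dataclass
class Record:
    name: str
    ip: str
    timestamp: Optional[datetime]  # None models timestamp zero: a static record


def _hour(t):
    # The record time stamp represents the hour of the last refresh.
    return t.replace(minute=0, second=0, microsecond=0)


def register(name, ip, now):
    """Dynamic registration: the server stamps the record with its own time."""
    return Record(name, ip, _hour(now))


def dynamic_update(rec, ip, now):
    """Apply one dynamic update and report what the server did with it."""
    if rec.timestamp is None:
        return "static"            # assumption of this model: static records are left alone
    if ip != rec.ip:
        # A real change (new IP) is accepted at any time and resets the stamp.
        rec.ip, rec.timestamp = ip, _hour(now)
        return "updated"
    if now < rec.timestamp + NO_REFRESH:
        # Same data inside the non-refresh interval: nothing is written.
        return "ignored"
    rec.timestamp = _hour(now)     # refresh: same name and IP, new time stamp
    return "refreshed"


def is_stale(rec, server_time):
    """Scavenging formula: timestamp + no-refresh + refresh < server time."""
    if rec.timestamp is None:
        return False               # timestamp zero is never stale
    return rec.timestamp + NO_REFRESH + REFRESH < server_time


def scavenge(zone, server_time):
    """Remove stale records in place; return (event id, removed names)."""
    stale = [r for r in zone if is_stale(r, server_time)]
    zone[:] = [r for r in zone if not is_stale(r, server_time)]
    # 2501 reports scavenged records, 2502 reports that none were scavenged.
    return (2501 if stale else 2502), [r.name for r in stale]


if __name__ == "__main__":
    t0 = datetime(2024, 1, 1, 9, 30)                       # constructed date
    host = register("host-a.example.microsoft.com", "192.168.100.100", t0)
    static = Record("printer1.example.microsoft.com", "192.168.100.50", None)
    zone = [host, static]
    print(dynamic_update(host, "192.168.100.100", t0 + timedelta(days=3)))
    print(dynamic_update(host, "192.168.100.100", t0 + timedelta(days=8)))
    print(scavenge(zone, t0 + timedelta(days=30)))
```

A record whose owner has stopped refreshing it survives for the full non-refresh plus refresh window after its last stamp, so a decommissioned host's name keeps resolving to its old address until the next scavenging run after that window.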

Job Interview Tips - What Not to Say in a Job Interview

 
Interviewing for any job can create stress, and for some, can result in a lack of good judgment when it comes to what to talk about. Many interviewees with good intentions can end up saying things that are inappropriate or inaccurate, which ultimately costs them the job.
  • Do not speak negatively about your past employer or organisation. If asked why you are leaving or why you left, simply say that you are looking for a new opportunity. Talking badly about your former boss, company or co-workers will come across as negative.
  • If you are uncomfortable about providing private and/or sensitive information about your current employer (such as financials), avoid a negative response by saying "I'm not sure my company would like me to disclose that information". Ideally, if talking about financials, you can use a range instead of exact amounts. For example, if the company turnover is $35Mil, you can provide a range of "$30Mil to $40Mil". This is a more helpful strategy.
  • Avoid discussing salary until the interviewer brings it up. Typically, this will come up after you have been offered the position, or at the end of the interview. Immediately asking “How much will I get paid?” or asking "When is the next pay rise" could have the interviewer believing that money is a number one factor.

  • Do not say anything that is not true about your past work history. The interviewer will most likely cross-reference your past jobs, so you will eventually get caught out and lose the job. Always be honest about your experiences, history and abilities. If the interviewer asks why you were fired from a job, be forthcoming but explain how you have learned from the mistake. Never lie and say that you left of your own accord, if indeed you were released.

  • Do not interrupt the interviewer. Always let them lead the conversation and set the pace of the interview. If you interrupt or try to lead, you will come across as pushy and someone who doesn't demonstrate good listening skills. Stop yourself from over talking!

  • In an interview, you want to remain professional, yet friendly. But don't get too friendly and share too many details. Keep your answers simple, concise and to the point so that you avoid babbling on unnecessarily and giving away personal information. Always remember, this is an interview!

Job interview - Questions to Ask




It's important to ask questions in an interview. These should be questions to clarify job specifics through to key points of interest which will enable you to determine whether this is the right job, employer and culture fit for you.


  • What are the most important skills and characteristics your
  • What made you decide to join the company? (providing they don't own the business!)
  • What has been the pattern of growth for the company over the past 5 years?
  • What is the future growth plan of the company?
  • Why is this job open?
  • How many people held this position over the recent years?
  • How does this position fit into the overall organisation?
  • Who will I be reporting to?
  • Where is the job located by way of company structure?
  • What type of training is required for this position? How long is the training period?
  • What other training opportunities are provided?
  • Where are the greatest opportunities for growth within the company?
  • Who are the company's major competitors?
  • Who are your major customers? Are they mostly local, regional or global?
  • What will my priorities be? What will be my first assignment?
  • What issues/challenges am I likely to face when I first take on the role?


Remember: write some questions down before the interview and during the interview. Don't try to leave everything to memory. It's also down to you to have the confidence to ask the questions, and to ask questions that you feel will be relevant in helping you make your decision. It's a two-way process where both you and the interviewer need to know more.

Group Policy Interview Questions and Answers for Windows Administrator

What are group policies?
Group policies specify how programs, network resources, and the operating system work for users and computers in an organization. They are collections of user and computer configuration settings that are applied on the users and computers (not on groups). For better administration of group policies in the Windows environment, the group policy objects (GPOs) are used.

What is GPO?
Group policy object (GPO) is a collection of group policy settings. It can be created using a Windows utility known as the Group Policy snap-in. GPO affects the user and computer accounts located in sites, domains, and organizational units (OUs). The Windows 2000/2003 operating systems support two types of GPOs, local and non-local (Active Directory-based) GPOs.

What is Local GPOs/policy?
Local GPOs are used to control policies on a local server running Windows 2000/2003 Server. On each Windows server, a local GPO is stored. The local GPO affects only the computer on which it is stored. By default, only Security Settings nodes are configured. The rest of the settings are either disabled or not enabled. The local GPO is stored in the %systemroot%\SYSTEM32\GROUPPOLICY folder.

What is Non-local Policy?
Non-local GPOs are used to control policies on an Active Directory-based network. A Windows  server needs to be configured as a domain controller on the network to use a non-local GPO. The non-local GPOs must be linked to a site, domain, or organizational unit (OU) to apply group policies to the user or computer objects. The non-local GPOs are stored in %systemroot%SYSVOLPOLICIESADM, where is the GPO’s globally unique identifier. Two non-local GPOs are created by default when the Active Directory is installed:
1. Default Domain Policy: This GPO is linked to the domain and it affects all users and computers in the domain.
2. Default Domain Controllers Policy: This GPO is linked to the Domain Controllers OU and it affects all domain controllers placed in this OU.
Multiple GPOs

GPO Apply order
When multiple group policy objects are assigned, the group policies are applied in the following order:
• The local group policy object is applied first
• Then, the group policy objects linked to sites are applied
If multiple GPOs exist for a site, they are applied in the order specified by an administrator
• GPOs linked to the domains are applied in the specified order
• Finally, GPOs linked to OUs are applied
The OU group policy objects are set from the largest to the smallest organizational unit, i.e., first the parent OU and then the child OU.
By default, a policy applied later overwrites a policy that was applied earlier. Hence, the settings in a child OU can override the settings in the parent OU
Group policy settings are cumulative if they are compatible with each other. In case they conflict with each other, the GPO processed later takes precedence.

What is No Override? Block Policy Inheritance?
The following are the exceptions with regard to the above-mentioned settings:
No Override:
Any GPO can be set to No Override. If the No Override configuration is set to a GPO, no policy configured in the GPO can be overridden. If more than one GPO has been set to No Override, then the one that is the highest in the Active Directory hierarchy takes precedence
Block Policy Inheritance:
The Block Policy Inheritance option can be applied to the site, domain, or OU. It deflects all group policy settings that reach the site, domain, or OU from the object higher in the hierarchy. However, the GPOs configured with the No Override option are always applied
What is Loopback policy?

Can group policy from a parent domain be inherited by a child domain?
Group Policy Inheritance
The group policies are inherited from parent to child within a domain. They are not inherited from parent domain to child domain

Following are the rules regarding group policy inheritance:
A policy setting is configured (Enabled or Disabled) for a parent OU, and the same policy setting is not configured for its child OUs. The child OUs inherit the parent’s policy
A policy setting is configured (Enabled or Disabled) for a parent OU, and the same policy setting is configured for its child OUs. The child OUs settings override the settings inherited from the parent’s OU
If any policy is not configured, no inheritance takes place
Compatible policy settings configured at the parent and child OUs are accumulated
Incompatible policy settings from the parent OU are not inherited
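How the apply order, No Override, Block Policy Inheritance and the inheritance rules above combine, as an added example (a Python model written for this page, not a Microsoft tool). The GPO names other than Default Domain Policy, the container names and the settings are constructed, and the local GPO is left out so the model covers only the site, domain and OU links.

```python
from dataclasses import dataclass, field


@dataclass
class Gpo:
    name: str
    settings: dict
    no_override: bool = False          # "No Override" is set on this GPO


@dataclass
class Container:
    name: str                          # a site, a domain or an OU
    gpos: list = field(default_factory=list)   # in the administrator's order
    block_inheritance: bool = False    # "Block Policy Inheritance" is set here


def applicable_gpos(chain):
    """chain runs site -> domain -> parent OU -> ... -> OU holding the object.

    Returns (depth, order, gpo) for every GPO that still reaches the object."""
    # The deepest blocking container deflects everything linked above it,
    # except GPOs marked No Override, which are always applied.
    barrier = max((i for i, c in enumerate(chain) if c.block_inheritance), default=0)
    links = []
    for depth, container in enumerate(chain):
        for order, gpo in enumerate(container.gpos):
            if depth >= barrier or gpo.no_override:
                links.append((depth, order, gpo))
    return links


def effective_settings(chain):
    """Return {setting: (value, name of the GPO that won)}."""
    links = applicable_gpos(chain)
    effective = {}
    # Pass 1: ordinary GPOs in processing order; later overwrites earlier,
    # and settings that do not conflict simply accumulate.
    for _, _, gpo in links:
        if not gpo.no_override:
            for key, value in gpo.settings.items():
                effective[key] = (value, gpo.name)
    # Pass 2: No Override GPOs go last so nothing can override them. They are
    # applied deepest container first, so the one highest in the hierarchy wins.
    enforced = sorted((l for l in links if l[2].no_override),
                      key=lambda l: (-l[0], l[1]))
    for _, _, gpo in enforced:
        for key, value in gpo.settings.items():
            effective[key] = (value, gpo.name)
    return effective


def sample_chain(block_lab):
    """Constructed hierarchy: site, domain, OU Workstations, child OU Lab."""
    return [
        Container("Site HQ", [Gpo("Site-Proxy", {"proxy": "proxy.hq.example"})]),
        Container("Domain corp.example", [
            Gpo("Default Domain Policy",
                {"min_password_length": 8, "screensaver_lock": "enabled"}),
            Gpo("Domain-Baseline",
                {"usb_storage": "disabled", "min_password_length": 12},
                no_override=True),
        ]),
        Container("OU Workstations", [Gpo("WS-Lock", {"screensaver_timeout": 600})]),
        Container("OU Lab",
                  [Gpo("Lab-Relaxed",
                       {"usb_storage": "enabled", "screensaver_lock": "disabled"})],
                  block_inheritance=block_lab),
    ]


if __name__ == "__main__":
    for blocked in (False, True):
        print("Block Policy Inheritance on OU Lab:", blocked)
        for key, (value, source) in sorted(effective_settings(sample_chain(blocked)).items()):
            print(f"  {key} = {value}  (from {source})")
```

With Block Policy Inheritance set on the child OU, only the No Override baseline still reaches objects in it, so any setting that must hold everywhere belongs in a GPO marked No Override.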

What is security filtering? Filtering Scope of GPOs
Although GPOs are linked to the site, domain, or OUs, and they cannot be linked to the security groups directly, applying permissions to the GPO can filter its scope. The policies in a non-local GPO apply only to users who have the Read and Apply Group Policy permissions set to Allow
By specifying appropriate permissions to the security groups, the administrators can filter a GPO’s scope for the computers and users

What tools are used to edit Group Policy?
GPMC and GPedit

How to check applied policy details from a client or server?
RSOP.msc (only works on Windows 2003 and above)
GPRESULT /v

What is .adm file?
Administrative Templates are required because Microsoft did not include all registry settings in the default Group Policy. If you want to add more customized settings to an existing policy, an .ADM file can be created and imported to get the necessary settings.

Problem solving tips for helpdesk personnel


Working on a help desk is all about problem solving. Users have problems and look to us for a solution. 

We all know that there are some people who are very good at solving problems and there are those who sometimes struggle. The good ones aren't necessarily more technical, they just have an almost uncanny ability to solve problems which have everyone else stumped.
 
If you are one of those that sometimes struggle, don't worry, it is possible to improve by following some very simple guidelines which we will show you on this site.

On this site we will take you through some of the key steps. The examples are all based on an IT help desk but the principles are universal.

We present this guide in the form of several numbered steps. This doesn't mean to say that problem solving is a linear process, very often you will need to loop back to an earlier stage.

The Symptoms: It is vital you identify the symptoms. Quite often a user will call with "My computer is not working", but we all know how useless that is! Here are some questions that are applicable to practically all problems:

1. What is the exact error message?
This may be obvious, but sometimes it is easy to jump to conclusions based on partial information. If possible, get the user to send you a screen dump (hold down the ALT button, then press the PrtScr button, go to e.g. Word, create a new document and select Paste from the Edit menu).

2. What were you doing at the time?
By determining this you can identify which program or which part of the program is causing the problem.

3. Has the error always occurred or just started?
If the program has never worked, then it is possibly a fault with the program. If it used to work OK, then you will need to find out at what point in time it stopped working.

4. If it has just started, have you recently installed any other software or made any other changes?
People are very reluctant to admit they have made changes - perhaps they are worried they will get into trouble? So, you will generally find that the answer to this question is "No", but never believe it. The program was working, now it isn't - something must have changed. Bear in mind that the user might not be aware of changes (e.g. many programs and even the operating system may do automatic updates) or they might not realize the significance of some apparently unrelated change.

5. Does it affect all machines or just yours?
If there are other machines that can use the program without problem, then the fault obviously lies with the configuration of this individual's machine.
If every machine has the same problem, it might be that they all have the same configuration problem or it might be a problem with the application's data.

6. In the case of networked programs, if you use the program from a different machine, do you get the same error?
If the error does not appear when you use the same application program from a different machine, then it is likely to be a fault in the configuration of the user's machine.
 

Examine the Evidence

What evidence is relevant? Do you have enough evidence? These are two key questions when problem solving but you aren't going to know the answers to them until you start to postulate possible causes and want to test them further.

Experience may sometimes tell you that certain facts are irrelevant. This is good, and will help you concentrate on what you think is relevant, BUT, don't forget about them and keep an open mind.
Your biggest tool for gathering evidence is of course your question and answer sessions with the user, but there are other tools which you can use:

Filemon is a great utility which logs all file activity. Set it running, then go to the problem program and generate the error. Stop Filemon and look at the log. It generates a great deal of information but it is very easy to see problems.

Event logs: Most operating systems have both application and event logs. Check these to see if anything is relevant.

Confirm everything: Quite often you have to tease the information out of a user over several question and answer sessions. Once you feel that you understand the problem, make sure you confirm it with the user:

"So, as I understand it, if you click the Update button while creating a new record, the screen crashes with an error "Record must be unique". This was working fine on Friday, no-one else has this problem, and you haven't made any changes to your machine over the weekend. Is that correct?"
If they don't confirm then you must repeat step 1 until you are both happy that you are talking about the same problem.

Research: You know what the symptoms are, you know in what circumstances they appear, now you have to start finding a solution.

Of course, it might be that someone has already done the hard work for you - others may have had, and solved, this problem. There are several sources of information you might try:

Knowledge base : Somewhere, you should have a record of all past problems (and their solutions), otherwise you are going to keep wasting an awful lot of time. This should be in a form that is easily searched. You could use e.g. a spreadsheet, a simple document, a database, or a program designed specifically for the task. As long as it is easy to use.

The Internet : The Internet is a fantastic resource. The only problem is the sheer volume of information. A good search engine is key to getting the best of it. You can almost guarantee that someone, somewhere has had the same problem as your user and if you are lucky, there might be an answer already.

Colleagues: You might try asking your workmates, they may have seen this problem before. Of course, this will disrupt their work so it is not the most efficient use of resources and they will soon get tired of you if you make it a habit. This should only be used as a last resort.

Postulate and test:  By now, you know what the symptoms are and you have done some research on similar problems. You should by now have some theories as to the cause of the problem.

Now you need to test your theories. This usually involves further questioning of the user:
"Your monitor is blank; can you check if there is a green light on the front, bottom right of the monitor?"
 
If there is, then you know there is power to the monitor, but is there a signal?
"Do you have another monitor nearby that you can plug in instead?"
 
If the new monitor works, then it is a problem with the old one. If the problem persists, chase it back up the wire...
"Can you put the original monitor onto a different machine? Does it work Ok there?"
 
If it does, then the fault is with the original PC.
"Is there a green light on the front right of the PC?"
 
If there is, the problem is probably with the PC itself.

Don't assume or jump to conclusions. Take a step by step approach, eliminating possibilities as you go. Sometimes when there are many possible answers you are able to narrow the field considerably by taking an initial broad brush approach. In the above example the first question we asked was "...can you check if there is a green light ...". If the answer was no, then either the monitor wasn't plugged in or there was a power failure. Perhaps a better first question would be "Plug a desk lamp into the same socket - does it work?"

Keep an open mind. You might find yourself going right down one avenue of investigation only to come to a full stop. Don't forget your other theories, go back and test these as well.

Identify the Problem

You know what the symptoms are, you have confirmed everything with the user, had one or more ideas as to the problem and now you have narrowed it down to just one. You must double-check that you have identified it correctly. There is no point in telling your user to buy a new monitor if all they have to do is wait for the power failure to be restored!
In the ideal world you will be able to devise one test that identifies the problem without doubt.
Of course, in the real world, all you can do is take your best guess, try your solution and hope. The mark of a good support person is how accurate that "guess" is. If you have followed the steps so far, gathered enough evidence, confirmed everything with the user and eliminated other possibilities logically, then your "guess" should be pretty accurate.

Provide a Solution:  This is what the user expects you to do, right? After all, you know what the problem is so fix it.

Most of the time you might have an easy solution. Other times there might not be an immediate fix available - you might need to order a spare part or it might require a new software release. There are even those situations where you don't know what the problem is. In any case, you need to communicate and manage expectations.
 
·         If you have a solution, communicate the fix to the user clearly and ensure they understand.
·         If you don't have an immediate solution, again make sure the user understands this and the likely timeframes. Make sure you schedule an action for yourself to monitor this.
·         If you don't have any solution to the problem, do you have a work-around?

Confirm the Solution: You have told the user how to fix their problem, or you have arranged someone to do it for them. After the fix has gone in, you must confirm with the user that their problem has been solved. You can't assume that the engineer visited, or that the new part worked.
Keep in touch with the user until you know the problem has been resolved.

Communicate and Record : The worst thing for a user is if they believe their problem is not being given attention. They don't care that you have dozens of other users to deal with. That isn't (and shouldn't be) their concern. 

You must manage expectations. If you say "I'll get back to you", their idea of when you should do so might be very different to yours. Instead, say "I'll get back to you before 12:00 tomorrow" and make sure you do, even if it is to tell them that there has been no progress.

Record everything. No one has a perfect memory and no one only ever deals with one thing at a time. You must make a note of conversations, actions, agreements etc.
·         You can easily hand tasks over to other personnel
·         You rarely work on one problem to the exclusion of others until it is completed. So you will be switching back and forth and will need some sort of reminder as to what has happened beforehand.
·         You will build up a knowledge base of problems and solutions for use in the future.
·         If there are recriminations, you have a record of what was done!
In what form you record this is up to you. You could use a document, a simple database, write your own program or use software specifically designed for use by helpdesks.

Sample Ticket Template #01
Which application is the user having issues with?
 - Please include the URL if it is a Web application.
 OR - Please include the folder path if it's a file.
---------------
What is the Incident?  What is the User Experiencing?
/-Type description
What is the Error Message?
Capture message number or description
When did this problem happen?
---------------
What is the Impact to the Business/User?
---------------
How many users are affected by this: one or more / is it happening across the organization?
How urgent is the resolution of this incident?
 (Delete as necessary)
 COB today/ 1 day/ 2 days/ End of week
---------------
Do you have a work around?  Is there any other work you can do, can you use someone else's PC?  Is there another means by which you can get the required task completed?
---------------
What is the name of the user's machine? *
 - Shadow user's machine to get this information
Ask user to open command prompt then type hostname
---------------
What is the IP address of the user's machine? *
 - Shadow user's machine to get this information
Or Ask user to open command prompt then type ipconfig [windows]/ifconfig [linux]
 Please attach a screenshot of the error
 - Shadow user's machine to get full screenshot
Or ask user to take screen shot and email it to you.

Sample Communication Template #01
Hello 

As a standard procedure, we require approval from your manager so we can fulfill your request.
Please provide this at your earliest convenience (via email if possible).

Thank you
ICT Service Desk Team

Sample Communication Template #02
 
ICT Service Desk Call Back No Response: #01
Dear [         ],

We have attempted to contact you on 1 occasion to resolve your service request, however we have been unsuccessful. 

If you still require assistance for this request, please contact the Service Desk on 00 0000 0000.

Regards
ICT Service Desk Team
