🔧 Windows Administrator – L2/L3 Interview Questions & Answers

Preparing for a Windows Administrator L2/L3 interview requires a solid understanding of both foundational and advanced system administration concepts. Candidates are expected to demonstrate hands-on expertise with Active Directory, Group Policy, DNS, DHCP, FSMO roles, and server performance troubleshooting. Key areas include managing user authentication, configuring and securing servers, monitoring system health, resolving login issues, and handling tasks like patching, RDP configuration, and backup strategies. Interviewers often assess knowledge of tools like Event Viewer, Task Manager, Performance Monitor, and command-line utilities (e.g., dcdiag, repadmin). Scenario-based questions test the ability to diagnose issues like BSODs, high CPU usage, or replication failures. A strong candidate for an L2/L3 role must also understand RAID configurations, system imaging with Sysprep, and have experience working in virtual environments (Hyper-V/VMware). Effective troubleshooting skills, attention to detail, and familiarity with security best practices are essential for success in these roles.

    

1. What are FSMO roles in Active Directory?

Answer:

FSMO (Flexible Single Master Operation) roles are critical functions in AD. There are 5 FSMO roles:

• Schema Master
• Domain Naming Master
• RID Master
• PDC Emulator
• Infrastructure Master
  They are divided between forest-wide and domain-wide roles.

 

2. What is the difference between a domain, tree, and forest in AD?

Answer:

• Domain: A logical group of network objects (users, computers).
• Tree: A group of one or more domains in a contiguous namespace.
• Forest: A collection of trees that share a global catalog and schema but are not in the same namespace.

Kuwait bus routes and numbers, bus route kuwait CityBus, KPTC, KGL Mowsalat. find Kuwait’s public transport Muscat خط الحافلات الكويت. 

 

3. What are the types of profiles in Windows?

Answer:

• Local Profile – Stored on local machine.
• Roaming Profile – Stored on network and downloaded at login.
• Mandatory Profile – A read-only profile that resets after logout.

 

4. What is the difference between NTFS and Share permissions?

Answer:

• NTFS Permissions – Apply to local and remote users, and are more granular.
• Share Permissions – Apply only when accessing via network.
  Note: NTFS and Share permissions combine to determine effective permissions (most restrictive applies).

 

5. How do you troubleshoot a user unable to log in to the domain?

Answer:

• Check network connectivity (ping DC).
• Ensure correct username/password.
• Check AD account status (locked/disabled).
• Verify DNS settings.
• Review Event Viewer for logon failures.

 

6. What is a GPO, and how is it applied?

Answer:
GPO (Group Policy Object) manages users and computers centrally. It's applied in the order:
Local > Site > Domain > OU (LSDOU)
Policies later in the order override previous ones if conflicting.

 

🔧 Windows Administrator – L2/L3 Interview Questions & Answers

1.What are the FSMO roles ?
 

2. Which role plays the vital role?


3.Why domain time synchronization require?

A http://how-to-install-it.blogspot.com reader who uses

4.What is KCC?
 

5.In global catalogue server which role will not work?
 

6.What is the difference between IIS 5.0 and IIS 6.0 ?
 

7.What is MTA?
 

8.What is the role of Application pool in IIS server?
 

9.What is the Event ID no. for abnormal shut down ?
 

10. How to make communicate between difference subnets in DHCP server?

 

 Visit for latest Job Vacancies and News indianinQ8.com 

7. What is the difference between a hotfix, patch, and service pack?

Answer:

• Hotfix – Fixes specific issues.
• Patch – Regular update for bugs/security.
• Service Pack – Collection of patches/hotfixes.

 

8. What is WSUS and why is it used?

Answer:
WSUS (Windows Server Update Services) allows centralized patch management of Windows systems. It downloads updates from Microsoft and distributes them to client PCs.

 

9. How do you troubleshoot high CPU usage on a Windows Server?

Answer:

• Use Task Manager / Resource Monitor.
• Identify consuming processes.
• Check Event Viewer for errors.
• Investigate scheduled tasks or antivirus scans.
• Use Performance Monitor (PerfMon) for long-term trends.

 

10. Explain the difference between RDP and VNC.

Answer:

• RDP (Remote Desktop Protocol) – Native to Windows, uses port 3389.
• VNC – Cross-platform, less secure by default, used in heterogeneous environments.

 

 

11.How many types of Host records are there?
 

12.What you need to create alias ?
 

13.What is DHCP relay agent and How to configure it?
 

11. What is sysprep, and when would you use it?

Answer:
Sysprep (System Preparation Tool) prepares a Windows image for cloning and deployment by removing unique system identifiers (like SID).

 

12. What is RAID and what are the different levels?

Answer:
RAID (Redundant Array of Independent Disks) provides data redundancy and/or performance:

• RAID 0 – Striping (performance, no redundancy)
• RAID 1 – Mirroring
• RAID 5 – Striping with parity
• RAID 10 – Mirror + Stripe

 

13. How would you handle a BSOD (Blue Screen of Death)?

Answer:

• Record the error code (STOP code).
• Check Event Viewer & minidump files.
• Run memory and disk checks (e.g., chkdsk, sfc /scannow, memtest).
• Review recent driver/patch changes.

 

14. How do you promote a server to Domain Controller?

Answer:

• Install the AD DS role.
• Run dcpromo (legacy) or use Server Manager → Promote to Domain Controller.
• Follow the wizard to configure DNS, GC, and replication.

 

15. What ports must be open for Active Directory to function properly?

Answer:

• TCP/UDP 389 – LDAP
• TCP 636 – LDAP SSL
• TCP 3268 – Global Catalog
• TCP 88 – Kerberos
• TCP 445 – SMB
• UDP 123 – NTP

 

14.What is the different types of groups in active directory?
 

14.Which domain component takes care of replication?
 

15.What is smart host?

 

 

16. How do you reset a local admin password if locked out?

Answer:

• Boot into recovery mode or WinPE.
• Use Command Prompt to access system files.
• Rename utilman.exe to cmd.exe, reboot, use net user to reset.

Note: Use only in approved recovery scenarios.

 

17. How do you clone a Windows Server VM in Hyper-V/VMware?

Answer:

• Shutdown source VM.
• Copy or create a snapshot/template.
• Use sysprep before cloning to avoid SID conflicts.
• Customize the clone (hostname, IP, etc.).

 

18. What is DHCP and how does it work?

Answer:
DHCP (Dynamic Host Configuration Protocol) automatically assigns IP addresses and other network configuration. Process involves:
DORA – Discover → Offer → Request → Acknowledge

 

19. What are the differences between L2 and L3 roles in Windows Administration?

Answer:

• L2: Handles user tickets, system monitoring, routine maintenance, and patching.
• L3: Escalation support, root cause analysis, system architecture, automation, and advanced troubleshooting.

 

20. How would you secure a Windows Server?

Answer:

• Apply latest patches.
• Disable unnecessary services.
• Implement GPOs and firewall rules.
• Enable auditing and logging.
• Use secure authentication methods (MFA, lockout policies).

 

21. What are common Active Directory replication issues and how do you troubleshoot them?

Answer:

• Tools: repadmin /replsummary, Event Viewer, dcdiag.
• Common causes: DNS misconfig, time sync, network issues, or lingering objects.