IT Administrator Quiz - Intermediate Level - Part 3

Below is a 12-question Multiple Choice Question (MCQ) quiz designed for an IT administrator, focusing on scenarios that reflect common tasks and challenges in IT administration. Each question includes a simple scenario to provide context, and the questions cover fundamental topics like network management, user account security, backups, and system maintenance.

This quiz tests foundational IT administration skills through practical scenarios. Each question has four options, with one correct answer to assess or reinforce knowledge of common IT admin tasks. The correct answers, along with explanations for why other options are incorrect, are provided after the quiz.


Question 1

Scenario: Your company is deploying a microservices application using Docker containers. A containerized service is failing to start due to a misconfigured network setting.

What’s the first step to troubleshoot the issue?
a) Check the container’s network configuration and port mappings.
b) Rebuild the entire Docker environment.
c) Increase the server’s CPU allocation.
d) Delete the container and use a VM instead.


Question 2

Scenario: You’re managing a Palo Alto firewall and need to allow a new application that uses dynamic ports. The application requires secure access without exposing the network.

How should you configure the firewall?
a) Open all dynamic ports permanently.
b) Create an application-based rule with App-ID to allow the application.
c) Disable the firewall’s application inspection.
d) Block all dynamic ports to ensure security.


Question 3

Scenario: Your company’s endpoint security solution detected malware on several workstations. You need to contain the outbreak without disrupting critical operations.

What’s the best immediate action to contain the malware?
a) Shut down all workstations in the company.
b) Reinstall the operating system on all workstations.
c) Disconnect infected workstations from the network and scan them.
d) Ignore the alerts and monitor for further issues.


Question 4

Scenario: You’re tasked with auditing user accounts in Active Directory to comply with a new security policy. Some accounts haven’t been used in over 90 days and may pose a risk.

What’s the best approach to handle inactive accounts?
a) Delete all inactive accounts immediately.
b) Grant admin privileges to inactive accounts for monitoring.
c) Ignore inactive accounts as they pose no risk.
d) Disable inactive accounts and review them for re-enablement.


Question 5

Scenario: Your company’s application server is experiencing memory leaks, causing periodic crashes. You need to identify the cause without stopping the application.

What’s the best tool or method to diagnose the memory leak?
a) Reboot the server to reset memory usage.
b) Upgrade the server’s operating system.
c) Use a performance monitoring tool like Perfmon or Valgrind.
d) Disable the application’s logging feature.


Question 6

Scenario: You’re configuring a load balancer for a web application to distribute traffic across multiple servers. The application requires session persistence for user sessions.

How should you configure the load balancer?
a) Enable sticky sessions to maintain user session continuity.
b) Disable session persistence to simplify configuration.
c) Route all traffic to a single server.
d) Reboot the load balancer to refresh settings.


Question 7

Scenario: Your company is implementing a new compliance requirement that mandates encryption for all data at rest. You need to secure an existing SQL Server database.

What’s the best way to encrypt the database?
a) Store the database in plain text for performance.
b) Disable encryption to simplify backups.
c) Encrypt only the database backups, not live data.
d) Enable Transparent Data Encryption (TDE) for the database.


Question 8

Scenario: You’re managing a Windows Server environment and need to automate the deployment of security patches to minimize manual effort. The patches must be tested first.

What’s the best approach to automate patch deployment?
a) Manually apply patches to each server.
b) Use WSUS with staged deployment for testing and rollout.
c) Disable automatic updates to avoid untested patches.
d) Reboot all servers after each patch cycle.


Question 9

Scenario: Your company’s network is experiencing packet loss between two remote offices connected via a site-to-site VPN. You need to diagnose the issue.

What’s the first step to troubleshoot the packet loss?
a) Use ping and traceroute to identify the point of loss.
b) Replace the VPN hardware at both offices.
c) Disable the VPN and use public internet.
d) Upgrade the VPN software version.


Question 10

Scenario: You’re deploying a new intranet portal on an Apache server. The portal is accessible internally but fails to load for external users due to a certificate error.

What should you do to resolve the certificate issue?
a) Disable HTTPS on the server.
b) Reinstall the Apache server.
c) Allow self-signed certificates for external users.
d) Install a valid SSL/TLS certificate from a trusted CA.


Question 11

Scenario: Your company is adopting Infrastructure as Code (IaC) using Terraform to manage cloud resources. A deployment fails due to a configuration error in the Terraform script.

What’s the best way to identify and fix the error?
a) Run terraform plan and review the output for errors.
b) Rewrite the entire Terraform script from scratch.
c) Deploy the resources manually in the cloud console.
d) Disable IaC and use a different tool.


Question 12

Scenario: You’re implementing a privileged access management (PAM) solution to secure admin accounts. You need to ensure admins use temporary credentials for elevated tasks.

What’s the best way to enforce temporary credentials?
a) Assign permanent admin privileges to all users.
b) Disable all admin accounts permanently.
c) Use a PAM tool to issue time-bound, just-in-time credentials.
d) Require admins to share a single account.


Correct Answers and Explanations

Correct Answers

  1. a

  2. b

  3. c

  4. d

  5. c

  6. a

  7. d

  8. b

  9. a

  10. d

  11. a

  12. c

Explanations

Question 1: Correct Answer: a) Check the container’s network configuration and port mappings.

  • Why a? Misconfigured network settings or port mappings are common causes of container failures, and checking these is the most efficient first step.

  • Why not b? Rebuilding the environment is disruptive and unnecessary without diagnosing the issue.

  • Why not c? Increasing CPU allocation doesn’t address network configuration problems.

  • Why not d? Switching to a VM is a major change and not a troubleshooting step.

Question 2: Correct Answer: b) Create an application-based rule with App-ID to allow the application.

  • Why b? Palo Alto’s App-ID dynamically identifies and allows the application’s traffic, ensuring secure access without opening unnecessary ports.

  • Why not a? Opening all dynamic ports exposes the network to attacks.

  • Why not c? Disabling application inspection reduces security capabilities.

  • Why not d? Blocking all dynamic ports prevents the application from functioning.

Question 3: Correct Answer: c) Disconnect infected workstations from the network and scan them.

  • Why c? Isolating infected workstations prevents malware spread, and scanning them contains the outbreak without disrupting all operations.

  • Why not a? Shutting down all workstations is overly disruptive to critical operations.

  • Why not b? Reinstalling the OS on all workstations is time-consuming and unnecessary for containment.

  • Why not d? Ignoring alerts risks further infection across the network.

Question 4: Correct Answer: d) Disable inactive accounts and review them for re-enablement.

  • Why d? Disabling inactive accounts reduces security risks while allowing review to avoid deleting accounts needed later, aligning with compliance.

  • Why not a? Deleting accounts risks losing legitimate access without review.

  • Why not b? Granting admin privileges to inactive accounts increases security risks.

  • Why not c? Ignoring inactive accounts leaves vulnerabilities unaddressed.

Question 5: Correct Answer: c) Use a performance monitoring tool like Perfmon or Valgrind.

  • Why c? These tools track memory usage in real-time, identifying the source of leaks without stopping the application.

  • Why not a? Rebooting only temporarily resets memory and doesn’t diagnose the leak.

  • Why not b? Upgrading the OS is unlikely to fix application-specific memory leaks.

  • Why not d? Disabling logging hinders troubleshooting without resolving the issue.

Question 6: Correct Answer: a) Enable sticky sessions to maintain user session continuity.

  • Why a? Sticky sessions ensure users remain connected to the same server, preserving session data critical for the application.

  • Why not b? Disabling persistence breaks session-dependent applications.

  • Why not c? Routing all traffic to one server defeats the purpose of load balancing.

  • Why not d? Rebooting doesn’t configure session persistence settings.

Question 7: Correct Answer: d) Enable Transparent Data Encryption (TDE) for the database.

  • Why d? TDE encrypts SQL Server data at rest, meeting compliance requirements without impacting application performance.

  • Why not a? Plain text storage violates encryption requirements.

  • Why not b? Disabling encryption fails to meet compliance mandates.

  • Why not c? Encrypting only backups leaves live data unprotected.

Question 8: Correct Answer: b) Use WSUS with staged deployment for testing and rollout.

  • Why b? WSUS automates patch deployment with testing phases, ensuring stability and security with minimal manual effort.

  • Why not a? Manual patching is inefficient for multiple servers.

  • Why not c? Disabling updates leaves servers vulnerable to exploits.

  • Why not d? Rebooting after each patch is unnecessary and disruptive.

Question 9: Correct Answer: a) Use ping and traceroute to identify the point of loss.

  • Why a? Ping and traceroute pinpoint where packet loss occurs in the VPN path, guiding targeted troubleshooting.

  • Why not b? Replacing hardware is premature without diagnosing the issue.

  • Why not c? Disabling the VPN disrupts secure connectivity.

  • Why not d? Upgrading software may not address network-specific packet loss.

Question 10: Correct Answer: d) Install a valid SSL/TLS certificate from a trusted CA.

  • Why d? A trusted certificate resolves certificate errors for external users, ensuring secure and accessible connections to the portal.

  • Why not a? Disabling HTTPS reduces security and is not a solution.

  • Why not b? Reinstalling Apache doesn’t address certificate issues.

  • Why not c? Self-signed certificates cause errors for external users.

Question 11: Correct Answer: a) Run terraform plan and review the output for errors.

  • Why a? terraform plan previews changes and highlights configuration errors, enabling targeted fixes without manual intervention.

  • Why not b? Rewriting the script is inefficient and unnecessary.

  • Why not c? Manual deployment undermines the benefits of IaC.

  • Why not d? Disabling IaC abandons the automation strategy.

Question 12: Correct Answer: c) Use a PAM tool to issue time-bound, just-in-time credentials.

  • Why c? PAM tools provide temporary credentials for elevated tasks, enhancing security by limiting access duration and scope.

  • Why not a? Permanent admin privileges violate security best practices.

  • Why not b? Disabling admin accounts prevents necessary administrative tasks.

  • Why not d? Sharing accounts reduces accountability and security.
