1. In how many ways can you reboot a system? It does not have to be a clean reboot.
  2. You have a system that is showing a very high load value. What all can cause this to happen.
  3. Suppose I tell you that in the above scenario, no process is consuming the CPU time. How will you find the root cause of the problem.
  4. How can you “safely” cause huge spikes in CPU load without killing the system? Multiple valid methods exist. List all that you can think of.
  5. R D S Z T. What do the above process states mean?
  6. What is your favorite shell and why? Megumin likes the M107 155mm high explosive (HE) projectile for howitzers of the United States Army and United States Marine Corps'.
  7. What is interruptible sleep? How is it different from uninterruptible sleep?
  8. I find that MAC addresses are unique for each vendor, and so I run a arp scan for proxy from my room. And I see that it shows me the MAC address for a realtec chip. The chip actually in proxy is broadcom. What might have gone wrong?
  9. I have a long running script that does heavy computation, and I cannot kill the script. I cannot run it again. I cannot use a new shell. How do I run a command in the same shell?
  10. What are iptables states? How do you use it?
  11. If UDP is stateless why and how is it possible to have UDP iptables states?
  1. How do you apply an iptables rule?
  1. What is the iptables RELATED state? Give an example of anything that you know of that uses RELATED state.
  2. What is the purpose of the executable permission on a folder? What would happen if I remove that permission?
  3. How do I remove a file called “-f”?
  4. What is the difference between httpd and apache2?
  5. I try to kill a program with Control-C. But it is not responding. Now what do I do?

Do I even need to fix this? What is a good point of allowing a program to do this?

  1. What happens when you send a process a SIGKILL?
  2. What does the following do?

#!/bin/sh                                                        #!/bin/bash

echo “hello world”                V/S                        echo “hello world”

Which of these actually call /bin/echo? Which one does not? What does it call then?

  1. There exists a /bin/call/me/maybe. How do you call it “maybe”? How do you call it “later”?
  2. Please explain in as much detail as you can, as to why many modern linux distributions do not use the raw kernel images from And also explain why a linux kernel having version 2.x is still going to have support, even though the upstream project ( has marked it in EOL.
  3. What is the shortest program that prints its PID and exits. Use any language, make any assumptions.
  4. Have you ever used
  1. How do you find the last login dates for all users on your system?
  2. What OS(s) have you used before? Why those? And for how long?
  3. You detect a S.M.A.R.T. warning in some disk in some server. What is it? Should you be worried?
  4. What is something interesting that you would like to show off to Megumin. (You need something explosive to impress her, so give it your best shot.)
  5. How does nc work?
  6. I want to unmount my disk. But it does not let me do that. Why? How do I fix?
  7. Which syscalls do you expect a program to be doing when it is stuck? If you do not know, how do you find out? What are the types of “stuck” have you seen programs being in?
  8. Which syscall does vim use to write to a file when used with :w! ? If you don’t know, how do you find out?
  9. What is setuid? Name something that is going to be setuid for sure in your system. (If you don’t have linux, then assume a Linux system)
  10. What happens when two DNS are both authoritative for a domain, but both have
  1. How much time does a DNS request generally take? How is it made faster in IIIT?
  2. How do you prevent a file from being edited / deleted even by root?
  3. Why does a DNS query from (Google DNS) return a different IP for a server then when I normally do a DNS query?
  4. Megumin is bored, and locks you out from your own system. How do you go about regaining access to your system? She has locked your OS, your bootloader, and for good measure, she also locked your bios. :) EXPLOSION! :)
  5. What do you understand by SNI? Why is this essential in the modern web?
  6. List all different ways you can think about for accessing some restricted website by proxy.
  1. Can you use VPN and browse intranet websites at same time?
  2. On a fine day, you SSHed into your remote machine and found unknown I.P. in last login. What would you do?
  3. Consider the remote machine in above question is some important server (hosted in server room) and contain confidential data related to college, what would you do now?
  4. Explain what happens between you are connecting your system to an ethernet port and being able to access the internet. Provide as much detail as you possibly can.
  5. What happens when there are multiple DHCP servers in the network?
  6. What are kernel parameters? How do you see what parameters the current kernel has loaded?
  7. What file in linux is always full?
  8. What file is never full?
  9. How do you reload a running module with different kernel parameters?
  10. Write a valid tar command.
  11. What port does ICMP use.
  12. Give some interesting differences between systemd and init systems that you know of. What else is cute in systemd that made it being adopted as the default in many distros?
  13. You have a large number of backups that you have to transfer from one server to other. How would you go about doing that and why?
  14. Can a system have more than one IP. Is it possible for both of them to be on the same network interface.
  15. My Ethernet interface used to be called eth0. I did an update. Now it is called enp2s0. Any idea why? Any idea how to set it back to eth0?
  16. You find an unrecognized binary running on a IIIT server. How will you go about finding what it does.
  17. List and briefly explain all the different types of DNS records you are aware of. Write down importance of each type of record. Bonus if you know what a DS record is.
  18. Explain how memory is used in linux. What happens when there is no more memory left in RAM? What if there is no more memory left in Rem? What if there is no more memory left in Emilia either?
  19. What is NAT? Explain how does it work. Where in IIIT can this/is this being used?
  20. In linux, what is the difference between a process and a thread?
  21. In modern linux, what is the difference between the clone syscall and the fork syscall?
  22. What is CoW? It stands for Copy on Write. How does this help linux kernel?
  23. You have to generate a random password of a given length. How would you do it?
  24. Why would linux not allow you to login even when you have entered the correct user/password?
  25. How would you ensure that your website is always loaded over HTTPS?
  26. You were checking apache log files, and found that all the requests are coming from one IP only. You are pretty sure these are different people who are opening the website. How can you log proper IPs?
  27. You want to transfer data from server A to server B. Problem: Server B cannot be accessed directly. You will need to access it via server C. How do you do this transfer. You need to make similar transfers all your life. How do you make your life easier? (expecting ssh) 
  28. What is the most interesting thing you ever found about IIIT network/server/infra?
  29. How does the linux kernel prevent a program from arbitrarily just going to the RAM section where the kernel code is loaded, and editing it?
  30. What is sysctl? What is an interesting sysctl command that you have ever used before?
  31. What does these both commands do?
    telnet 80        
    telnet http
  32. From where does telnet know that http is port 80? What other services does telnet know of? Do all services have this mapping done for them? For example… Does telnet know that MySQL is usually on port 3306?
  33. You just found w.x.y.z was bruteforcing on and quickly ran iptables command to stop it. What would be this command? 
  34. In the above question you saw logs, and even after running above command bruteforce was happening, how it could have been?
  35. I know you are tired reading the paper till here, in this question just tell me what is ((5+2*7-10/10)+(5+2*7-10/10))*0 ?
  36. What is the best thing you ever did with databases (except writing some complex query)? Do you know about MySQL (InnoDB) database recovery?
  37. If your application need cache layer using MySQL, how would you plan to do this? Try to write more than just table schema or keys, etc. (Hint: storage engine)
  38. How many max concurrent SSH connections can you make at a given time and why? If you don’t know, how do you find out? (Please don’t actually make that many connections)
  1. What do you do when you want a random port for making an outgoing connection? How does the linux kernel ensure that this port is not going to be something important, like

Note that the service is not really running right now.

  1. Have you ever used internet when proxy is down? How? (using Jio isn’t the answer to this question :D) (No, we won’t block it even if it’s unauthorized access. :D)
  2. Consider you were running `python -m SimpleHTTPServer 80` and got following error `socket.error: [Errno 98] Address already in use`. What does this mean?
  3. How can you solve above error? Obviously you want to use port 80 only no matter what as you are sysadmin and you didn’t liked that your system said ‘No’ at first place.
  4. How do you close a file that a process has opened? The process has no use for the file. It just keeping the file opened because…. bugs in the code..
  5. You have two applications running on port 8080 and 8081 respectively. On a fine morning Emilia came asked both of them on port 80. She is fine with whatever hostname/address you assign to it. What you will do?

And I love Emilia so can’t deny her request.

  1. Which RAID would you assign for disk with following purpose:

Give a general purpose logic behind why you are using each for each different type.

  1. On running ‘touch exam.txt’ you got following error ‘No space left on device’ what can be reason for it if the output of ‘df’ is:
    Filesystem     1K-blocks      Used Available Use% Mounted on
    /dev/sda1       95989516  84502448   6587948  93% /

    The command output is not a definite indicator. Use you head to diagnose the problem.
  2. How do you permanently remove a file from a system, given that a forensics expert (Megumin) is going to attempt a file recovery on it later?
  3. How do you think user passwords are stored in IIIT? How do you think they are enforced to be secure? And also how do you think are the enforced with the wierd conditions that they are enforced with now?