Test your basic knowledge |

MCTS: Monitoring Computers

Subjects : certifications, mcts, it-skills

Instructions:

Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can study here.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.

This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.

1. The Minimize Bandwidth and Minimize Latency options of Event Subscriptions - both batch a default number of items at a time. You can determine the value of this default by typing the following command at a command prompt:
winrm quickconfig
Network Monitor
winrm get winrm/config
RACAgent.exe

2. This Windows log contains events generated while installing and updating Windows.
Start
Hypertext Transfer Protocol (HTTP) or HTTPS (Hypertext Transfer Protocol Secure)
Server Manager
Setup

3. Logs all the info included in the System Performance Data Collector Set - plus detailed system information. Use the ______ Data Collector Set when troubleshooting reliability problems such as problematic hardware - driver failures - or Stop errors (a
Find an example of the event in Event Viewer. - In Task Scheduler - click Create Basic Task in the actions pane. - Use the Schtasks command-line tool from a command prompt or a script.
System Diagnostics
Server Manager
DiagnosticsPerformanceMonitoring Tools

4. The wecutil ______ parameter performs the initial configuration required to collect events. If a subscription already exists - the necessary configuration must have already been performed.
Performance Monitor
qc
Ctrl+C
Start A Program - Send An E-mail - Display A Message

5. Windows Server 2008 R2 includes several built-in Data Collector Sets located at Data Collector SetsSystem:
Custom Views
Setup
Active Directory Diagnostics - System Performance - System Diagnostics - Wireless Diagnostics
http://computername:5985 (or https://computername:5986 if you are using HTTPS)

6. Using event forwarding requires you to configure both the forwarding and collecting computers. First - you must start the following services on both the forwarding and collecting computer:
Win XP SP2 - Win Srvr 2003 SP1 or 2 - Win Srvr 2003 R2 - Vista - Win 7 - Win Srvr 2008 - and Win Srvr 2008 R2
Reliability Monitor
Windows Remote Management - Windows Event Collector
ds

7. The wecutil ______ parameter deletes a subscription.
ds
5985 and 5986
Network Monitor
Start A Program - Send An E-mail - Display A Message

8. To capture network traffic from a command prompt - switch to the Network Monitor installation folder (C:Program FilesMicrosoft Network Monitor 3 by default) and run the following command:
Attach Task To This Event
network adapter
Custom Views
NMCap /network * /capture /file filename.cap

9. The wecutil ______ parameter displays the status of subscriptions.
Vista - Win 7 - Win Server 2003 R2 - Win Server 2008 - and Win Server 2008 R2
gr
Ctrl+C
System Diagnostics

10. Custom views are filters that can display events from ______.
Vista - Win 7 - Win Server 2003 R2 - Win Server 2008 - and Win Server 2008 R2
winrm enumerate winrm/config/Listener
Active Directory Diagnostics
multiple logs

11. Network Monitor can capture only traffic that the ______ receives.
DiagnosticsPerformanceMonitoring Tools
NMCap /InputCapture "Capture1.cap" /capture "HTTP" /file "HttpOnlyCapture.cap"
10
network adapter

12. After using a Data Collector Set to gather information and then stopping the Data Collector Set - you can view a summary by right-clicking the Data Collector Set and then choosing ______.
qc
Source computer initiated
Latest Report
Security

13. To trigger a task when an event occurs - follow one of these three procedures:
gr
winrm quickconfig
Find an example of the event in Event Viewer. - In Task Scheduler - click Create Basic Task in the actions pane. - Use the Schtasks command-line tool from a command prompt or a script.
Custom Views

14. Present only on DCs - the ______ Data Collector Set logs kernel trace data - AD trace data - performance counters - and AD registry configuration.
Active Directory Diagnostics
Find an example of the event in Event Viewer. - In Task Scheduler - click Create Basic Task in the actions pane. - Use the Schtasks command-line tool from a command prompt or a script.
Collector initiated - Source computer initiated
Ctrl+C

15. Present only on computers with wireless capabilities - the ______ Data Collector Set logs the same info as the LAN Diagnostics Data Collector Set - plus info relevant to troubleshooting wireless network connections.
NMCap /network * /capture "DNS" /file filename.cap
Wireless Diagnostics
Data Collector Sets
multiple logs

16. Because the forwarding computer must have HTTP and possibly HTTPS available - you can attempt to connect to it from the collecting computer by using Windows Internet Explorer
http://computername:5985 (or https://computername:5986 if you are using HTTPS)
qc
Latest Report
Forwarded Events

17. You can also use the /inputcapture parameter of NMCap to process an existing capture file.E.g. To read a file named Capture1.cap and write a new capture file containing only HTTP packets - use this command:
Ctrl+C
Forwarded Events
NMCap /InputCapture "Capture1.cap" /capture "HTTP" /file "HttpOnlyCapture.cap"
Network Monitor

18. In Task Scheduler - click Create Basic Task in the actions pane. On the Trigger page of the wizard - select ______. Then - specify the Log - Source - and Event ID.
When A Specific Event Is Logged
ss - wecutil ss <subscription_name> /cm:custom wecutil ss <subscription_name> /hi:<milliseconds_delay>
Find an example of the event in Event Viewer. - In Task Scheduler - click Create Basic Task in the actions pane. - Use the Schtasks command-line tool from a command prompt or a script.
Subscriptions

19. This captures all traffic on all network interfaces and saves it to a file named Filename.cap. When you are finished capturing - press ______.
Ctrl+C
Collector initiated
winrm quickconfig -transport:https
Windows Remote Management - Windows Event Collector

20. Microsoft provides ______ - a powerful protocol analyzer - as a free download.
Ctrl+C
Performance Monitor
Network Monitor
winrm get winrm/config

21. Computers that have no errors and no new software installations are considered stable and can achieve the maximum system stability index of ______.
Vista - Win 7 - Win Server 2003 R2 - Win Server 2008 - and Win Server 2008 R2
Custom Views
10
103

22. You can open Event Viewer from within ______ by selecting the DiagnosticsEvent Viewer node.
Forwarded Events
Subscriptions
Find an example of the event in Event Viewer. - In Task Scheduler - click Create Basic Task in the actions pane. - Use the Schtasks command-line tool from a command prompt or a script.
Server Manager

23. ______ tracks a computer's stability.
10
Reliability Monitor
NMCap /network * /capture "DNS" /file filename.cap
Right-click Data Collector SetsUser Defined - choose New - and then choose Data Collector Set. The Create New Data Collector Set Wizard appears.

24. The Reliability Monitor displays data gathered by the Reliability Analysis Component (RAC) - which is implemented using ______ command.
DiagnosticsPerformanceMonitoring Tools
Active Directory Diagnostics
RACAgent.exe
winrm get winrm/config

25. At a command prompt with administrative privileges - run the following command to configure the Windows Remote Management service on the forwarding computer:
winrm quickconfig
5985 and 5986
Performance Monitor
winrm enumerate winrm/config/Listener

26. Although you can create data collector sets using the Logman tool - creating them using the Data Collector Sets console is easier. You can then run the data collector set by using the following command:
Wireless Diagnostics
System
Server Manager
logman start "<Data Collector Set>"

27. This Windows log contains core system events. Other system events are contained with Applications And Services Logs.
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
System
Windows Remote Management - Windows Event Collector
Setup

28. To configure Event Forwarding to use HTTPS - create a Windows Firewall exception for TCP port 5986 and run the following command:
Find an example of the event in Event Viewer. - In Task Scheduler - click Create Basic Task in the actions pane. - Use the Schtasks command-line tool from a command prompt or a script.
event forwarding
Performance Monitor
winrm quickconfig -transport:https

29. ______ gather system information - including configuration settings and performance data - and store it in a data file.
Vista - Win 7 - Win Server 2003 R2 - Win Server 2008 - and Win Server 2008 R2
gr
Data Collector Sets
RACAgent.exe

30. This Windows log contains events generated by applications.
System Performance
event forwarding
Data Collector Sets
Application

31. In Win Srvr 2008 and Win Srvr 2008 R2 - you can also simply select the ______ node in the console tree of Event Viewer to confiture the collecting computer.
Subscriptions
System Performance
winrm enumerate winrm/config/Listener
ss - wecutil ss <subscription_name> /cm:custom wecutil ss <subscription_name> /hi:<milliseconds_delay>

32. With event forwarding - only these Windows versions can act as forwarding computers:
event forwarding
Win XP SP2 - Win Srvr 2003 SP1 or 2 - Win Srvr 2003 R2 - Vista - Win 7 - Win Srvr 2008 - and Win Srvr 2008 R2
ds
Subscriptions

33. To open Reliability Monitor - right-click the ______ node in Server Manager and then click View System Reliability.
winrm enumerate winrm/config/Listener
Active Directory Diagnostics
DiagnosticsPerformanceMonitoring Tools
Setup

34. Check the Applications And Services LogsMicrosoftWindowsEventlog-ForwardingPluginOperational event log and verify that the subscription was created successfully. Event ID 100 indicates a new subscription whereas Event ID ______ indicates a subscripti
103
5985 and 5986
Ctrl+C
Active Directory Diagnostics

35. Windows Logs contains five subnodes:
Application - Security - Setup - System - Forwarded Events
gr
Active Directory Diagnostics - System Performance - System Diagnostics - Wireless Diagnostics
Hypertext Transfer Protocol (HTTP) or HTTPS (Hypertext Transfer Protocol Secure)

36. To configure a computer running Vista - Win 7 - Win Srvr 2008 - or Win Srvr 2008 R2 to collect events - open a command prompt with administrative privileges. Then - run the following command to configure the Windows Event Collector service:
System
Active Directory Diagnostics
Win XP SP2 - Win Srvr 2003 SP1 or 2 - Win Srvr 2003 R2 - Vista - Win 7 - Win Srvr 2008 - and Win Srvr 2008 R2
wecutil qc

37. The wecutil ______ parameter defines subscription configuration. To specify a custom interval for a subscription - run the following commands: ______.
Security
Application - Security - Setup - System - Forwarded Events
ss - wecutil ss <subscription_name> /cm:custom wecutil ss <subscription_name> /hi:<milliseconds_delay>
5985 and 5986

38. Event forwarding uses ______ or ______ to send events from a forwarding computer to a collecting computer.
Collector initiated - Source computer initiated
Windows Logs and Applications And Services Logs.
Hypertext Transfer Protocol (HTTP) or HTTPS (Hypertext Transfer Protocol Secure)
Setup

39. To create a custom Data Collector Set - follow these steps:
Right-click Data Collector SetsUser Defined - choose New - and then choose Data Collector Set. The Create New Data Collector Set Wizard appears.
Subscriptions
qc
Server Manager

40. With ______ subscriptions - the forwarding computers contact the collecting computer.
wecutil qc
Source computer initiated
Reliability Monitor
wecutil qc

41. What command should you run to configure a forwarding computer?
System
Network Monitor
winrm get winrm/config
winrm quickconfig

42. This Windows log contains events forwarded to this computer from other computers.
Forwarded Events
http://computername:5985 (or https://computername:5986 if you are using HTTPS)
Custom Views
network adapter

43. With ______ subscriptions - the collecting computer contacts the source computers to retrieve events.
logman start "<Data Collector Set>"
Windows Remote Management - Windows Event Collector
Ctrl+C
Collector initiated

44. This Windows log contains auditing events that Windows adds when a user accesses or attempts to access a resource that has been configured for auditing.
Security
ds
Network Monitor
Performance Monitor

45. The log files are contained in two subnodes:
Windows Logs and Applications And Services Logs.
Attach Task To This Event
Performance Monitor
5985 and 5986

46. To verify that the forwarding computer has the Windows Remote Management listener properly configured - from an elevated command prompt - run the following command:
winrm enumerate winrm/config/Listener
10
multiple logs
RACAgent.exe

47. Logs processor - disk - memory - and network performance counters and kernel tracing. Use the ______ Data Collector Set when troubleshooting a slow computer or intermittent performance problems.
System Performance
winrm get winrm/config
winrm quickconfig
Active Directory Diagnostics - System Performance - System Diagnostics - Wireless Diagnostics

48. One of the most useful ways to use Task Scheduler is to launch a task in response to a specific event type that appears in Event Viewer. You can respond to events in three ways:
Performance Monitor
Windows Logs and Applications And Services Logs.
event forwarding
Start A Program - Send An E-mail - Display A Message

49. To use a filter capture - type the filter capture in quotation marks after the /capture parameter. For example - the following command captures only DNS traffic:
winrm quickconfig -transport:https
Security
winrm quickconfig
NMCap /network * /capture "DNS" /file filename.cap

50. Find an example of the event in Event Viewer. Then - right-click the event and click ______. A wizard will guide you through the process.
Subscriptions
http://computername:5985 (or https://computername:5986 if you are using HTTPS)
Attach Task To This Event
Security