SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MCTS: Monitoring Computers
Start Test
Study First
Subjects
:
certifications
,
mcts
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. What command should you run to configure a collecting computer?
Collector initiated
wecutil qc
System Performance
NMCap /network * /capture /file filename.cap
2. After using a Data Collector Set to gather information and then stopping the Data Collector Set - you can view a summary by right-clicking the Data Collector Set and then choosing ______.
winrm quickconfig -transport:https
Subscriptions
10
Latest Report
3. With ______ subscriptions - the forwarding computers contact the collecting computer.
Source computer initiated
Network Monitor
Ctrl+C
Start A Program - Send An E-mail - Display A Message
4. In Task Scheduler - click Create Basic Task in the actions pane. On the Trigger page of the wizard - select ______. Then - specify the Log - Source - and Event ID.
When A Specific Event Is Logged
Hypertext Transfer Protocol (HTTP) or HTTPS (Hypertext Transfer Protocol Secure)
Windows Remote Management - Windows Event Collector
NMCap /network * /capture /file filename.cap
5. Although you can create data collector sets using the Logman tool - creating them using the Data Collector Sets console is easier. You can then run the data collector set by using the following command:
10
logman start "<Data Collector Set>"
Hypertext Transfer Protocol (HTTP) or HTTPS (Hypertext Transfer Protocol Secure)
Performance Monitor
6. You can create two types of subscriptions:
event forwarding
gr
System Diagnostics
Collector initiated - Source computer initiated
7. ______ tracks a computer's stability.
System Performance
NMCap /InputCapture "Capture1.cap" /capture "HTTP" /file "HttpOnlyCapture.cap"
Application
Reliability Monitor
8. To capture network traffic from a command prompt - switch to the Network Monitor installation folder (C:Program FilesMicrosoft Network Monitor 3 by default) and run the following command:
Vista - Win 7 - Win Server 2003 R2 - Win Server 2008 - and Win Server 2008 R2
Latest Report
NMCap /network * /capture /file filename.cap
Server Manager
9. Windows Server 2008 R2 includes several built-in Data Collector Sets located at Data Collector SetsSystem:
Windows Remote Management - Windows Event Collector
Application - Security - Setup - System - Forwarded Events
Active Directory Diagnostics - System Performance - System Diagnostics - Wireless Diagnostics
Security
10. To use a Data Collector Set - right-click it - and then choose ______.
System Performance
http://computername:5985 (or https://computername:5986 if you are using HTTPS)
NMCap /network * /capture "DNS" /file filename.cap
Start
11. This Windows log contains events generated by applications.
Application
Start A Program - Send An E-mail - Display A Message
ds
Wireless Diagnostics
12. Custom views are filters that can display events from ______.
NMCap /network * /capture /file filename.cap
Start A Program - Send An E-mail - Display A Message
winrm quickconfig
multiple logs
13. To open Reliability Monitor - right-click the ______ node in Server Manager and then click View System Reliability.
logman start "<Data Collector Set>"
NMCap /InputCapture "Capture1.cap" /capture "HTTP" /file "HttpOnlyCapture.cap"
Application
DiagnosticsPerformanceMonitoring Tools
14. Find an example of the event in Event Viewer. Then - right-click the event and click ______. A wizard will guide you through the process.
Attach Task To This Event
qc
wecutil qc
Reliability Monitor
15. The wecutil ______ parameter performs the initial configuration required to collect events. If a subscription already exists - the necessary configuration must have already been performed.
event forwarding
System
qc
Server Manager
16. You can also use the /inputcapture parameter of NMCap to process an existing capture file.E.g. To read a file named Capture1.cap and write a new capture file containing only HTTP packets - use this command:
NMCap /InputCapture "Capture1.cap" /capture "HTTP" /file "HttpOnlyCapture.cap"
Attach Task To This Event
Server Manager
logman start "<Data Collector Set>"
17. Because the forwarding computer must have HTTP and possibly HTTPS available - you can attempt to connect to it from the collecting computer by using Windows Internet Explorer
DiagnosticsPerformanceMonitoring Tools
Network Monitor
Windows Remote Management - Windows Event Collector
http://computername:5985 (or https://computername:5986 if you are using HTTPS)
18. What command should you run to configure a forwarding computer?
gr
Active Directory Diagnostics
winrm quickconfig
Data Collector Sets
19. Microsoft provides ______ - a powerful protocol analyzer - as a free download.
Vista - Win 7 - Win Server 2003 R2 - Win Server 2008 - and Win Server 2008 R2
5985 and 5986
Network Monitor
Forwarded Events
20. Present only on computers with wireless capabilities - the ______ Data Collector Set logs the same info as the LAN Diagnostics Data Collector Set - plus info relevant to troubleshooting wireless network connections.
Application - Security - Setup - System - Forwarded Events
Setup
Start A Program - Send An E-mail - Display A Message
Wireless Diagnostics
21. This captures all traffic on all network interfaces and saves it to a file named Filename.cap. When you are finished capturing - press ______.
Active Directory Diagnostics
Ctrl+C
Source computer initiated
network adapter
22. The log files are contained in two subnodes:
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
Windows Logs and Applications And Services Logs.
NMCap /network * /capture /file filename.cap
Source computer initiated
23. To trigger a task when an event occurs - follow one of these three procedures:
winrm enumerate winrm/config/Listener
Find an example of the event in Event Viewer. - In Task Scheduler - click Create Basic Task in the actions pane. - Use the Schtasks command-line tool from a command prompt or a script.
winrm quickconfig
Performance Monitor
24. The wecutil ______ parameter displays the status of subscriptions.
Windows Remote Management - Windows Event Collector
winrm enumerate winrm/config/Listener
gr
multiple logs
25. Network Monitor can capture only traffic that the ______ receives.
network adapter
winrm quickconfig -transport:https
Ctrl+C
5985 and 5986
26. Present only on DCs - the ______ Data Collector Set logs kernel trace data - AD trace data - performance counters - and AD registry configuration.
Ctrl+C
Active Directory Diagnostics
wecutil qc
Windows Remote Management - Windows Event Collector
27. At a command prompt with administrative privileges - run the following command to configure the Windows Remote Management service on the forwarding computer:
Active Directory Diagnostics
Start A Program - Send An E-mail - Display A Message
System
winrm quickconfig
28. Windows Logs contains five subnodes:
Win XP SP2 - Win Srvr 2003 SP1 or 2 - Win Srvr 2003 R2 - Vista - Win 7 - Win Srvr 2008 - and Win Srvr 2008 R2
NMCap /network * /capture "DNS" /file filename.cap
Application - Security - Setup - System - Forwarded Events
Custom Views
29. With ______ subscriptions - the collecting computer contacts the source computers to retrieve events.
DiagnosticsPerformanceMonitoring Tools
qc
Data Collector Sets
Collector initiated
30. This Windows log contains auditing events that Windows adds when a user accesses or attempts to access a resource that has been configured for auditing.
DiagnosticsPerformanceMonitoring Tools
Security
Setup
RACAgent.exe
31. To use a filter capture - type the filter capture in quotation marks after the /capture parameter. For example - the following command captures only DNS traffic:
Right-click Data Collector SetsUser Defined - choose New - and then choose Data Collector Set. The Create New Data Collector Set Wizard appears.
When A Specific Event Is Logged
Active Directory Diagnostics - System Performance - System Diagnostics - Wireless Diagnostics
NMCap /network * /capture "DNS" /file filename.cap
32. Logs all the info included in the System Performance Data Collector Set - plus detailed system information. Use the ______ Data Collector Set when troubleshooting reliability problems such as problematic hardware - driver failures - or Stop errors (a
System Diagnostics
gr
Latest Report
NMCap /network * /capture /file filename.cap
33. In Win Srvr 2008 and Win Srvr 2008 R2 - you can also simply select the ______ node in the console tree of Event Viewer to confiture the collecting computer.
Performance Monitor
System Performance
Security
Subscriptions
34. To verify that the forwarding computer has the Windows Remote Management listener properly configured - from an elevated command prompt - run the following command:
Active Directory Diagnostics - System Performance - System Diagnostics - Wireless Diagnostics
winrm quickconfig
Network Monitor
winrm enumerate winrm/config/Listener
35. Using event forwarding requires you to configure both the forwarding and collecting computers. First - you must start the following services on both the forwarding and collecting computer:
Windows Remote Management - Windows Event Collector
network adapter
logman start "<Data Collector Set>"
Network Monitor
36. Event forwarding uses HTTP or HTTPS to send events from a forwarding computer to a collecting computer. Instead of using the standard TCP ports 80 and 443 - HTTP and HTTPS use ports ______ - respectively.
NMCap /InputCapture "Capture1.cap" /capture "HTTP" /file "HttpOnlyCapture.cap"
qc
Windows Remote Management - Windows Event Collector
5985 and 5986
37. To run a file named Respond.exe whenever event 177 is published in the System event log - run the following command:
Security
Network Monitor
gr
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
38. ______ graphically shows real-time performance data - including processor utilization - network bandwidth usage - and thousands of other statistics.
Performance Monitor
Wireless Diagnostics
qc
Setup
39. The wecutil ______ parameter defines subscription configuration. To specify a custom interval for a subscription - run the following commands: ______.
Find an example of the event in Event Viewer. - In Task Scheduler - click Create Basic Task in the actions pane. - Use the Schtasks command-line tool from a command prompt or a script.
Server Manager
Ctrl+C
ss - wecutil ss <subscription_name> /cm:custom wecutil ss <subscription_name> /hi:<milliseconds_delay>
40. To create a custom Data Collector Set - follow these steps:
10
Right-click Data Collector SetsUser Defined - choose New - and then choose Data Collector Set. The Create New Data Collector Set Wizard appears.
winrm quickconfig
DiagnosticsPerformanceMonitoring Tools
41. When you create a custom view - Event Viewer saves it within the ______ node so that you can quickly view the same set of events.
Custom Views
Application - Security - Setup - System - Forwarded Events
Start A Program - Send An E-mail - Display A Message
Collector initiated - Source computer initiated
42. Computers that have no errors and no new software installations are considered stable and can achieve the maximum system stability index of ______.
Reliability Monitor
winrm quickconfig
Security
10
43. With ______ - you can send events that match specific criteria to an administrative computer - allowing you to centralize event management.
Security
System Diagnostics
event forwarding
Latest Report
44. ______ gather system information - including configuration settings and performance data - and store it in a data file.
Data Collector Sets
Start
multiple logs
qc
45. This Windows log contains events forwarded to this computer from other computers.
ss - wecutil ss <subscription_name> /cm:custom wecutil ss <subscription_name> /hi:<milliseconds_delay>
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
Forwarded Events
qc
46. Logs processor - disk - memory - and network performance counters and kernel tracing. Use the ______ Data Collector Set when troubleshooting a slow computer or intermittent performance problems.
Windows Logs and Applications And Services Logs.
Data Collector Sets
winrm quickconfig
System Performance
47. To configure a computer running Vista - Win 7 - Win Srvr 2008 - or Win Srvr 2008 R2 to collect events - open a command prompt with administrative privileges. Then - run the following command to configure the Windows Event Collector service:
Find an example of the event in Event Viewer. - In Task Scheduler - click Create Basic Task in the actions pane. - Use the Schtasks command-line tool from a command prompt or a script.
wecutil qc
Custom Views
Wireless Diagnostics
48. The Minimize Bandwidth and Minimize Latency options of Event Subscriptions - both batch a default number of items at a time. You can determine the value of this default by typing the following command at a command prompt:
winrm quickconfig
winrm get winrm/config
Active Directory Diagnostics
10
49. To configure Event Forwarding to use HTTPS - create a Windows Firewall exception for TCP port 5986 and run the following command:
5985 and 5986
winrm quickconfig -transport:https
NMCap /network * /capture /file filename.cap
DiagnosticsPerformanceMonitoring Tools
50. You can open Event Viewer from within ______ by selecting the DiagnosticsEvent Viewer node.
Server Manager
Source computer initiated
Windows Remote Management - Windows Event Collector
Windows Logs and Applications And Services Logs.
