SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MCTS: Monitoring Computers
Start Test
Study First
Subjects
:
certifications
,
mcts
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. This Windows log contains events generated by applications.
Application
Attach Task To This Event
Find an example of the event in Event Viewer. - In Task Scheduler - click Create Basic Task in the actions pane. - Use the Schtasks command-line tool from a command prompt or a script.
NMCap /network * /capture "DNS" /file filename.cap
2. Event forwarding uses ______ or ______ to send events from a forwarding computer to a collecting computer.
DiagnosticsPerformanceMonitoring Tools
5985 and 5986
Wireless Diagnostics
Hypertext Transfer Protocol (HTTP) or HTTPS (Hypertext Transfer Protocol Secure)
3. With event forwarding - only these Windows versions can act as forwarding computers:
http://computername:5985 (or https://computername:5986 if you are using HTTPS)
NMCap /InputCapture "Capture1.cap" /capture "HTTP" /file "HttpOnlyCapture.cap"
DiagnosticsPerformanceMonitoring Tools
Win XP SP2 - Win Srvr 2003 SP1 or 2 - Win Srvr 2003 R2 - Vista - Win 7 - Win Srvr 2008 - and Win Srvr 2008 R2
4. Windows Logs contains five subnodes:
Collector initiated
Subscriptions
Wireless Diagnostics
Application - Security - Setup - System - Forwarded Events
5. When you create a custom view - Event Viewer saves it within the ______ node so that you can quickly view the same set of events.
ds
System Performance
Custom Views
Wireless Diagnostics
6. This captures all traffic on all network interfaces and saves it to a file named Filename.cap. When you are finished capturing - press ______.
Custom Views
Windows Remote Management - Windows Event Collector
Ctrl+C
wecutil qc
7. To open Reliability Monitor - right-click the ______ node in Server Manager and then click View System Reliability.
DiagnosticsPerformanceMonitoring Tools
Collector initiated - Source computer initiated
Start A Program - Send An E-mail - Display A Message
Security
8. In Win Srvr 2008 and Win Srvr 2008 R2 - you can also simply select the ______ node in the console tree of Event Viewer to confiture the collecting computer.
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
Subscriptions
qc
Attach Task To This Event
9. This Windows log contains core system events. Other system events are contained with Applications And Services Logs.
System
ds
gr
winrm enumerate winrm/config/Listener
10. Check the Applications And Services LogsMicrosoftWindowsEventlog-ForwardingPluginOperational event log and verify that the subscription was created successfully. Event ID 100 indicates a new subscription whereas Event ID ______ indicates a subscripti
Windows Remote Management - Windows Event Collector
Forwarded Events
Find an example of the event in Event Viewer. - In Task Scheduler - click Create Basic Task in the actions pane. - Use the Schtasks command-line tool from a command prompt or a script.
103
11. Because the forwarding computer must have HTTP and possibly HTTPS available - you can attempt to connect to it from the collecting computer by using Windows Internet Explorer
Data Collector Sets
http://computername:5985 (or https://computername:5986 if you are using HTTPS)
wecutil qc
103
12. Windows Server 2008 R2 includes several built-in Data Collector Sets located at Data Collector SetsSystem:
Active Directory Diagnostics
Active Directory Diagnostics - System Performance - System Diagnostics - Wireless Diagnostics
When A Specific Event Is Logged
winrm quickconfig
13. What command should you run to configure a forwarding computer?
Application - Security - Setup - System - Forwarded Events
System Diagnostics
gr
winrm quickconfig
14. Microsoft provides ______ - a powerful protocol analyzer - as a free download.
Subscriptions
When A Specific Event Is Logged
Active Directory Diagnostics
Network Monitor
15. In Task Scheduler - click Create Basic Task in the actions pane. On the Trigger page of the wizard - select ______. Then - specify the Log - Source - and Event ID.
When A Specific Event Is Logged
Data Collector Sets
Application
logman start "<Data Collector Set>"
16. With ______ - you can send events that match specific criteria to an administrative computer - allowing you to centralize event management.
event forwarding
Collector initiated - Source computer initiated
ds
Hypertext Transfer Protocol (HTTP) or HTTPS (Hypertext Transfer Protocol Secure)
17. To trigger a task when an event occurs - follow one of these three procedures:
winrm quickconfig
Find an example of the event in Event Viewer. - In Task Scheduler - click Create Basic Task in the actions pane. - Use the Schtasks command-line tool from a command prompt or a script.
Collector initiated
RACAgent.exe
18. Computers that have no errors and no new software installations are considered stable and can achieve the maximum system stability index of ______.
Data Collector Sets
Win XP SP2 - Win Srvr 2003 SP1 or 2 - Win Srvr 2003 R2 - Vista - Win 7 - Win Srvr 2008 - and Win Srvr 2008 R2
10
Vista - Win 7 - Win Server 2003 R2 - Win Server 2008 - and Win Server 2008 R2
19. Using event forwarding requires you to configure both the forwarding and collecting computers. First - you must start the following services on both the forwarding and collecting computer:
Active Directory Diagnostics
Windows Remote Management - Windows Event Collector
Custom Views
Reliability Monitor
20. This Windows log contains events generated while installing and updating Windows.
DiagnosticsPerformanceMonitoring Tools
Setup
wecutil qc
When A Specific Event Is Logged
21. You can open Event Viewer from within ______ by selecting the DiagnosticsEvent Viewer node.
Ctrl+C
Server Manager
NMCap /network * /capture "DNS" /file filename.cap
Windows Remote Management - Windows Event Collector
22. At a command prompt with administrative privileges - run the following command to configure the Windows Remote Management service on the forwarding computer:
Application - Security - Setup - System - Forwarded Events
Windows Logs and Applications And Services Logs.
RACAgent.exe
winrm quickconfig
23. To use a Data Collector Set - right-click it - and then choose ______.
Start A Program - Send An E-mail - Display A Message
winrm quickconfig
Start
network adapter
24. ______ graphically shows real-time performance data - including processor utilization - network bandwidth usage - and thousands of other statistics.
Hypertext Transfer Protocol (HTTP) or HTTPS (Hypertext Transfer Protocol Secure)
Performance Monitor
Server Manager
Application
25. The log files are contained in two subnodes:
Windows Remote Management - Windows Event Collector
Reliability Monitor
Windows Logs and Applications And Services Logs.
System Diagnostics
26. The wecutil ______ parameter defines subscription configuration. To specify a custom interval for a subscription - run the following commands: ______.
Server Manager
ss - wecutil ss <subscription_name> /cm:custom wecutil ss <subscription_name> /hi:<milliseconds_delay>
Network Monitor
Active Directory Diagnostics
27. The Minimize Bandwidth and Minimize Latency options of Event Subscriptions - both batch a default number of items at a time. You can determine the value of this default by typing the following command at a command prompt:
winrm get winrm/config
Source computer initiated
System Diagnostics
logman start "<Data Collector Set>"
28. Custom views are filters that can display events from ______.
qc
multiple logs
System
Source computer initiated
29. Present only on DCs - the ______ Data Collector Set logs kernel trace data - AD trace data - performance counters - and AD registry configuration.
Application
wecutil qc
Active Directory Diagnostics
System
30. You can also use the /inputcapture parameter of NMCap to process an existing capture file.E.g. To read a file named Capture1.cap and write a new capture file containing only HTTP packets - use this command:
System Performance
Application
winrm quickconfig
NMCap /InputCapture "Capture1.cap" /capture "HTTP" /file "HttpOnlyCapture.cap"
31. ______ tracks a computer's stability.
Reliability Monitor
ds
Windows Remote Management - Windows Event Collector
When A Specific Event Is Logged
32. ______ gather system information - including configuration settings and performance data - and store it in a data file.
ss - wecutil ss <subscription_name> /cm:custom wecutil ss <subscription_name> /hi:<milliseconds_delay>
http://computername:5985 (or https://computername:5986 if you are using HTTPS)
Data Collector Sets
Windows Remote Management - Windows Event Collector
33. Network Monitor can capture only traffic that the ______ receives.
Security
Windows Remote Management - Windows Event Collector
Network Monitor
network adapter
34. The wecutil ______ parameter displays the status of subscriptions.
System Diagnostics
Wireless Diagnostics
gr
Start
35. Although you can create data collector sets using the Logman tool - creating them using the Data Collector Sets console is easier. You can then run the data collector set by using the following command:
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
logman start "<Data Collector Set>"
Application - Security - Setup - System - Forwarded Events
wecutil qc
36. The wecutil ______ parameter deletes a subscription.
Performance Monitor
event forwarding
wecutil qc
ds
37. To verify that the forwarding computer has the Windows Remote Management listener properly configured - from an elevated command prompt - run the following command:
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
winrm enumerate winrm/config/Listener
Start
Windows Remote Management - Windows Event Collector
38. Event forwarding uses HTTP or HTTPS to send events from a forwarding computer to a collecting computer. Instead of using the standard TCP ports 80 and 443 - HTTP and HTTPS use ports ______ - respectively.
Windows Logs and Applications And Services Logs.
wecutil qc
5985 and 5986
Security
39. With ______ subscriptions - the collecting computer contacts the source computers to retrieve events.
Network Monitor
Collector initiated - Source computer initiated
Collector initiated
http://computername:5985 (or https://computername:5986 if you are using HTTPS)
40. With event forwarding - only these Windows versions can act as collecting computers:
Vista - Win 7 - Win Server 2003 R2 - Win Server 2008 - and Win Server 2008 R2
Setup
System
winrm quickconfig -transport:https
41. To create a custom Data Collector Set - follow these steps:
winrm quickconfig -transport:https
Right-click Data Collector SetsUser Defined - choose New - and then choose Data Collector Set. The Create New Data Collector Set Wizard appears.
Hypertext Transfer Protocol (HTTP) or HTTPS (Hypertext Transfer Protocol Secure)
Attach Task To This Event
42. What command should you run to configure a collecting computer?
network adapter
gr
multiple logs
wecutil qc
43. You can create two types of subscriptions:
Collector initiated - Source computer initiated
Right-click Data Collector SetsUser Defined - choose New - and then choose Data Collector Set. The Create New Data Collector Set Wizard appears.
NMCap /network * /capture /file filename.cap
Source computer initiated
44. The Reliability Monitor displays data gathered by the Reliability Analysis Component (RAC) - which is implemented using ______ command.
RACAgent.exe
Network Monitor
Wireless Diagnostics
When A Specific Event Is Logged
45. This Windows log contains events forwarded to this computer from other computers.
multiple logs
Forwarded Events
Active Directory Diagnostics
ds
46. To configure Event Forwarding to use HTTPS - create a Windows Firewall exception for TCP port 5986 and run the following command:
winrm quickconfig -transport:https
Setup
System
NMCap /network * /capture /file filename.cap
47. Present only on computers with wireless capabilities - the ______ Data Collector Set logs the same info as the LAN Diagnostics Data Collector Set - plus info relevant to troubleshooting wireless network connections.
Wireless Diagnostics
Performance Monitor
winrm quickconfig
Active Directory Diagnostics
48. To run a file named Respond.exe whenever event 177 is published in the System event log - run the following command:
Data Collector Sets
Attach Task To This Event
Ctrl+C
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
49. The wecutil ______ parameter performs the initial configuration required to collect events. If a subscription already exists - the necessary configuration must have already been performed.
10
ds
event forwarding
qc
50. Find an example of the event in Event Viewer. Then - right-click the event and click ______. A wizard will guide you through the process.
Setup
winrm quickconfig
Attach Task To This Event
wecutil qc
