SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MCTS: Monitoring Computers
Start Test
Study First
Subjects
:
certifications
,
mcts
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. To use a Data Collector Set - right-click it - and then choose ______.
winrm enumerate winrm/config/Listener
Start
Active Directory Diagnostics - System Performance - System Diagnostics - Wireless Diagnostics
ss - wecutil ss <subscription_name> /cm:custom wecutil ss <subscription_name> /hi:<milliseconds_delay>
2. In Task Scheduler - click Create Basic Task in the actions pane. On the Trigger page of the wizard - select ______. Then - specify the Log - Source - and Event ID.
wecutil qc
System Diagnostics
winrm enumerate winrm/config/Listener
When A Specific Event Is Logged
3. You can open Event Viewer from within ______ by selecting the DiagnosticsEvent Viewer node.
Server Manager
Reliability Monitor
Right-click Data Collector SetsUser Defined - choose New - and then choose Data Collector Set. The Create New Data Collector Set Wizard appears.
Win XP SP2 - Win Srvr 2003 SP1 or 2 - Win Srvr 2003 R2 - Vista - Win 7 - Win Srvr 2008 - and Win Srvr 2008 R2
4. The wecutil ______ parameter performs the initial configuration required to collect events. If a subscription already exists - the necessary configuration must have already been performed.
ds
winrm quickconfig
qc
gr
5. This Windows log contains events generated while installing and updating Windows.
Server Manager
Application
Reliability Monitor
Setup
6. This Windows log contains core system events. Other system events are contained with Applications And Services Logs.
Collector initiated - Source computer initiated
DiagnosticsPerformanceMonitoring Tools
System
winrm enumerate winrm/config/Listener
7. This Windows log contains auditing events that Windows adds when a user accesses or attempts to access a resource that has been configured for auditing.
Performance Monitor
Right-click Data Collector SetsUser Defined - choose New - and then choose Data Collector Set. The Create New Data Collector Set Wizard appears.
Collector initiated - Source computer initiated
Security
8. With ______ - you can send events that match specific criteria to an administrative computer - allowing you to centralize event management.
Latest Report
wecutil qc
Reliability Monitor
event forwarding
9. With event forwarding - only these Windows versions can act as forwarding computers:
Subscriptions
Win XP SP2 - Win Srvr 2003 SP1 or 2 - Win Srvr 2003 R2 - Vista - Win 7 - Win Srvr 2008 - and Win Srvr 2008 R2
Setup
Collector initiated
10. This Windows log contains events generated by applications.
Application
Right-click Data Collector SetsUser Defined - choose New - and then choose Data Collector Set. The Create New Data Collector Set Wizard appears.
multiple logs
gr
11. Network Monitor can capture only traffic that the ______ receives.
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
Server Manager
network adapter
Application
12. ______ gather system information - including configuration settings and performance data - and store it in a data file.
Start
Data Collector Sets
When A Specific Event Is Logged
Windows Logs and Applications And Services Logs.
13. The wecutil ______ parameter displays the status of subscriptions.
qc
Wireless Diagnostics
gr
Security
14. Event forwarding uses HTTP or HTTPS to send events from a forwarding computer to a collecting computer. Instead of using the standard TCP ports 80 and 443 - HTTP and HTTPS use ports ______ - respectively.
5985 and 5986
RACAgent.exe
Application - Security - Setup - System - Forwarded Events
Reliability Monitor
15. Event forwarding uses ______ or ______ to send events from a forwarding computer to a collecting computer.
Hypertext Transfer Protocol (HTTP) or HTTPS (Hypertext Transfer Protocol Secure)
multiple logs
Vista - Win 7 - Win Server 2003 R2 - Win Server 2008 - and Win Server 2008 R2
Application
16. This Windows log contains events forwarded to this computer from other computers.
ds
Windows Remote Management - Windows Event Collector
Latest Report
Forwarded Events
17. Windows Logs contains five subnodes:
Application - Security - Setup - System - Forwarded Events
winrm quickconfig -transport:https
Win XP SP2 - Win Srvr 2003 SP1 or 2 - Win Srvr 2003 R2 - Vista - Win 7 - Win Srvr 2008 - and Win Srvr 2008 R2
Custom Views
18. After using a Data Collector Set to gather information and then stopping the Data Collector Set - you can view a summary by right-clicking the Data Collector Set and then choosing ______.
Windows Logs and Applications And Services Logs.
NMCap /network * /capture "DNS" /file filename.cap
Latest Report
Data Collector Sets
19. What command should you run to configure a collecting computer?
Active Directory Diagnostics
wecutil qc
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
Right-click Data Collector SetsUser Defined - choose New - and then choose Data Collector Set. The Create New Data Collector Set Wizard appears.
20. Although you can create data collector sets using the Logman tool - creating them using the Data Collector Sets console is easier. You can then run the data collector set by using the following command:
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
logman start "<Data Collector Set>"
ds
Application
21. To use a filter capture - type the filter capture in quotation marks after the /capture parameter. For example - the following command captures only DNS traffic:
DiagnosticsPerformanceMonitoring Tools
NMCap /network * /capture /file filename.cap
Hypertext Transfer Protocol (HTTP) or HTTPS (Hypertext Transfer Protocol Secure)
NMCap /network * /capture "DNS" /file filename.cap
22. Windows Server 2008 R2 includes several built-in Data Collector Sets located at Data Collector SetsSystem:
Application
Active Directory Diagnostics - System Performance - System Diagnostics - Wireless Diagnostics
Find an example of the event in Event Viewer. - In Task Scheduler - click Create Basic Task in the actions pane. - Use the Schtasks command-line tool from a command prompt or a script.
System Performance
23. With event forwarding - only these Windows versions can act as collecting computers:
Collector initiated
Hypertext Transfer Protocol (HTTP) or HTTPS (Hypertext Transfer Protocol Secure)
Vista - Win 7 - Win Server 2003 R2 - Win Server 2008 - and Win Server 2008 R2
NMCap /network * /capture "DNS" /file filename.cap
24. You can create two types of subscriptions:
winrm quickconfig
Windows Remote Management - Windows Event Collector
Wireless Diagnostics
Collector initiated - Source computer initiated
25. Microsoft provides ______ - a powerful protocol analyzer - as a free download.
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
Latest Report
Network Monitor
Performance Monitor
26. Using event forwarding requires you to configure both the forwarding and collecting computers. First - you must start the following services on both the forwarding and collecting computer:
103
RACAgent.exe
Wireless Diagnostics
Windows Remote Management - Windows Event Collector
27. Computers that have no errors and no new software installations are considered stable and can achieve the maximum system stability index of ______.
10
Server Manager
event forwarding
wecutil qc
28. One of the most useful ways to use Task Scheduler is to launch a task in response to a specific event type that appears in Event Viewer. You can respond to events in three ways:
Start A Program - Send An E-mail - Display A Message
Ctrl+C
gr
Server Manager
29. Custom views are filters that can display events from ______.
Security
NMCap /InputCapture "Capture1.cap" /capture "HTTP" /file "HttpOnlyCapture.cap"
winrm quickconfig -transport:https
multiple logs
30. ______ tracks a computer's stability.
Custom Views
logman start "<Data Collector Set>"
Reliability Monitor
winrm get winrm/config
31. To run a file named Respond.exe whenever event 177 is published in the System event log - run the following command:
System Diagnostics
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
Windows Remote Management - Windows Event Collector
Network Monitor
32. The Minimize Bandwidth and Minimize Latency options of Event Subscriptions - both batch a default number of items at a time. You can determine the value of this default by typing the following command at a command prompt:
winrm get winrm/config
When A Specific Event Is Logged
qc
Attach Task To This Event
33. With ______ subscriptions - the forwarding computers contact the collecting computer.
Network Monitor
winrm enumerate winrm/config/Listener
Source computer initiated
ds
34. You can also use the /inputcapture parameter of NMCap to process an existing capture file.E.g. To read a file named Capture1.cap and write a new capture file containing only HTTP packets - use this command:
Source computer initiated
NMCap /InputCapture "Capture1.cap" /capture "HTTP" /file "HttpOnlyCapture.cap"
Subscriptions
Windows Remote Management - Windows Event Collector
35. To capture network traffic from a command prompt - switch to the Network Monitor installation folder (C:Program FilesMicrosoft Network Monitor 3 by default) and run the following command:
Security
NMCap /network * /capture /file filename.cap
Windows Logs and Applications And Services Logs.
10
36. This captures all traffic on all network interfaces and saves it to a file named Filename.cap. When you are finished capturing - press ______.
Wireless Diagnostics
Ctrl+C
Subscriptions
Collector initiated - Source computer initiated
37. Logs all the info included in the System Performance Data Collector Set - plus detailed system information. Use the ______ Data Collector Set when troubleshooting reliability problems such as problematic hardware - driver failures - or Stop errors (a
System Diagnostics
RACAgent.exe
Security
NMCap /network * /capture /file filename.cap
38. To open Reliability Monitor - right-click the ______ node in Server Manager and then click View System Reliability.
Collector initiated
DiagnosticsPerformanceMonitoring Tools
Right-click Data Collector SetsUser Defined - choose New - and then choose Data Collector Set. The Create New Data Collector Set Wizard appears.
Windows Logs and Applications And Services Logs.
39. ______ graphically shows real-time performance data - including processor utilization - network bandwidth usage - and thousands of other statistics.
Performance Monitor
Reliability Monitor
Collector initiated
gr
40. With ______ subscriptions - the collecting computer contacts the source computers to retrieve events.
Collector initiated - Source computer initiated
winrm get winrm/config
System Performance
Collector initiated
41. Present only on DCs - the ______ Data Collector Set logs kernel trace data - AD trace data - performance counters - and AD registry configuration.
Subscriptions
Server Manager
Ctrl+C
Active Directory Diagnostics
42. In Win Srvr 2008 and Win Srvr 2008 R2 - you can also simply select the ______ node in the console tree of Event Viewer to confiture the collecting computer.
Start
RACAgent.exe
Subscriptions
wecutil qc
43. The wecutil ______ parameter defines subscription configuration. To specify a custom interval for a subscription - run the following commands: ______.
ss - wecutil ss <subscription_name> /cm:custom wecutil ss <subscription_name> /hi:<milliseconds_delay>
Active Directory Diagnostics - System Performance - System Diagnostics - Wireless Diagnostics
winrm get winrm/config
winrm quickconfig
44. Logs processor - disk - memory - and network performance counters and kernel tracing. Use the ______ Data Collector Set when troubleshooting a slow computer or intermittent performance problems.
System Performance
Latest Report
Collector initiated
System
45. When you create a custom view - Event Viewer saves it within the ______ node so that you can quickly view the same set of events.
Source computer initiated
Network Monitor
Custom Views
Windows Remote Management - Windows Event Collector
46. Present only on computers with wireless capabilities - the ______ Data Collector Set logs the same info as the LAN Diagnostics Data Collector Set - plus info relevant to troubleshooting wireless network connections.
Wireless Diagnostics
Custom Views
Reliability Monitor
Active Directory Diagnostics - System Performance - System Diagnostics - Wireless Diagnostics
47. The wecutil ______ parameter deletes a subscription.
Start A Program - Send An E-mail - Display A Message
Collector initiated - Source computer initiated
ds
Reliability Monitor
48. The Reliability Monitor displays data gathered by the Reliability Analysis Component (RAC) - which is implemented using ______ command.
RACAgent.exe
winrm quickconfig -transport:https
wecutil qc
NMCap /network * /capture /file filename.cap
49. At a command prompt with administrative privileges - run the following command to configure the Windows Remote Management service on the forwarding computer:
winrm quickconfig
103
Start A Program - Send An E-mail - Display A Message
Subscriptions
50. To configure a computer running Vista - Win 7 - Win Srvr 2008 - or Win Srvr 2008 R2 to collect events - open a command prompt with administrative privileges. Then - run the following command to configure the Windows Event Collector service:
NMCap /InputCapture "Capture1.cap" /capture "HTTP" /file "HttpOnlyCapture.cap"
DiagnosticsPerformanceMonitoring Tools
wecutil qc
multiple logs
