SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
|
Email
Search
Test your basic knowledge |
MCTS: Monitoring Computers
Start Test
Study First
Subjects
:
certifications
,
mcts
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. After using a Data Collector Set to gather information and then stopping the Data Collector Set - you can view a summary by right-clicking the Data Collector Set and then choosing ______.
10
Latest Report
Custom Views
Application - Security - Setup - System - Forwarded Events
2. With event forwarding - only these Windows versions can act as collecting computers:
Vista - Win 7 - Win Server 2003 R2 - Win Server 2008 - and Win Server 2008 R2
wecutil qc
gr
ds
3. With ______ subscriptions - the collecting computer contacts the source computers to retrieve events.
Collector initiated
qc
RACAgent.exe
Performance Monitor
4. To capture network traffic from a command prompt - switch to the Network Monitor installation folder (C:Program FilesMicrosoft Network Monitor 3 by default) and run the following command:
NMCap /network * /capture /file filename.cap
Vista - Win 7 - Win Server 2003 R2 - Win Server 2008 - and Win Server 2008 R2
Custom Views
Forwarded Events
5. One of the most useful ways to use Task Scheduler is to launch a task in response to a specific event type that appears in Event Viewer. You can respond to events in three ways:
Start A Program - Send An E-mail - Display A Message
Windows Logs and Applications And Services Logs.
Source computer initiated
RACAgent.exe
6. You can also use the /inputcapture parameter of NMCap to process an existing capture file.E.g. To read a file named Capture1.cap and write a new capture file containing only HTTP packets - use this command:
Attach Task To This Event
NMCap /InputCapture "Capture1.cap" /capture "HTTP" /file "HttpOnlyCapture.cap"
103
Find an example of the event in Event Viewer. - In Task Scheduler - click Create Basic Task in the actions pane. - Use the Schtasks command-line tool from a command prompt or a script.
7. The Reliability Monitor displays data gathered by the Reliability Analysis Component (RAC) - which is implemented using ______ command.
Network Monitor
System Diagnostics
multiple logs
RACAgent.exe
8. Event forwarding uses HTTP or HTTPS to send events from a forwarding computer to a collecting computer. Instead of using the standard TCP ports 80 and 443 - HTTP and HTTPS use ports ______ - respectively.
NMCap /network * /capture /file filename.cap
Latest Report
5985 and 5986
Custom Views
9. ______ tracks a computer's stability.
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
wecutil qc
Ctrl+C
Reliability Monitor
10. What command should you run to configure a collecting computer?
Win XP SP2 - Win Srvr 2003 SP1 or 2 - Win Srvr 2003 R2 - Vista - Win 7 - Win Srvr 2008 - and Win Srvr 2008 R2
Ctrl+C
wecutil qc
103
11. Microsoft provides ______ - a powerful protocol analyzer - as a free download.
Latest Report
Forwarded Events
Network Monitor
winrm quickconfig -transport:https
12. When you create a custom view - Event Viewer saves it within the ______ node so that you can quickly view the same set of events.
Application - Security - Setup - System - Forwarded Events
Active Directory Diagnostics - System Performance - System Diagnostics - Wireless Diagnostics
Hypertext Transfer Protocol (HTTP) or HTTPS (Hypertext Transfer Protocol Secure)
Custom Views
13. With ______ - you can send events that match specific criteria to an administrative computer - allowing you to centralize event management.
winrm quickconfig
qc
Forwarded Events
event forwarding
14. At a command prompt with administrative privileges - run the following command to configure the Windows Remote Management service on the forwarding computer:
winrm get winrm/config
Start A Program - Send An E-mail - Display A Message
Win XP SP2 - Win Srvr 2003 SP1 or 2 - Win Srvr 2003 R2 - Vista - Win 7 - Win Srvr 2008 - and Win Srvr 2008 R2
winrm quickconfig
15. In Task Scheduler - click Create Basic Task in the actions pane. On the Trigger page of the wizard - select ______. Then - specify the Log - Source - and Event ID.
When A Specific Event Is Logged
wecutil qc
System Performance
System
16. Logs processor - disk - memory - and network performance counters and kernel tracing. Use the ______ Data Collector Set when troubleshooting a slow computer or intermittent performance problems.
Application
System Performance
Setup
Windows Remote Management - Windows Event Collector
17. This Windows log contains events generated by applications.
10
Data Collector Sets
Security
Application
18. Computers that have no errors and no new software installations are considered stable and can achieve the maximum system stability index of ______.
RACAgent.exe
When A Specific Event Is Logged
10
ss - wecutil ss <subscription_name> /cm:custom wecutil ss <subscription_name> /hi:<milliseconds_delay>
19. This captures all traffic on all network interfaces and saves it to a file named Filename.cap. When you are finished capturing - press ______.
Start
winrm enumerate winrm/config/Listener
System Diagnostics
Ctrl+C
20. Although you can create data collector sets using the Logman tool - creating them using the Data Collector Sets console is easier. You can then run the data collector set by using the following command:
Attach Task To This Event
Win XP SP2 - Win Srvr 2003 SP1 or 2 - Win Srvr 2003 R2 - Vista - Win 7 - Win Srvr 2008 - and Win Srvr 2008 R2
logman start "<Data Collector Set>"
Active Directory Diagnostics
21. ______ gather system information - including configuration settings and performance data - and store it in a data file.
winrm quickconfig
winrm enumerate winrm/config/Listener
Data Collector Sets
network adapter
22. The log files are contained in two subnodes:
Windows Logs and Applications And Services Logs.
Attach Task To This Event
Server Manager
10
23. To open Reliability Monitor - right-click the ______ node in Server Manager and then click View System Reliability.
Performance Monitor
DiagnosticsPerformanceMonitoring Tools
qc
Data Collector Sets
24. To create a custom Data Collector Set - follow these steps:
Right-click Data Collector SetsUser Defined - choose New - and then choose Data Collector Set. The Create New Data Collector Set Wizard appears.
Windows Logs and Applications And Services Logs.
Ctrl+C
Hypertext Transfer Protocol (HTTP) or HTTPS (Hypertext Transfer Protocol Secure)
25. Because the forwarding computer must have HTTP and possibly HTTPS available - you can attempt to connect to it from the collecting computer by using Windows Internet Explorer
winrm get winrm/config
http://computername:5985 (or https://computername:5986 if you are using HTTPS)
Performance Monitor
NMCap /network * /capture /file filename.cap
26. The wecutil ______ parameter performs the initial configuration required to collect events. If a subscription already exists - the necessary configuration must have already been performed.
Attach Task To This Event
Ctrl+C
qc
Performance Monitor
27. You can open Event Viewer from within ______ by selecting the DiagnosticsEvent Viewer node.
Active Directory Diagnostics
Server Manager
System Diagnostics
Forwarded Events
28. You can create two types of subscriptions:
Data Collector Sets
winrm quickconfig
Collector initiated - Source computer initiated
Subscriptions
29. ______ graphically shows real-time performance data - including processor utilization - network bandwidth usage - and thousands of other statistics.
Data Collector Sets
Forwarded Events
Performance Monitor
Start A Program - Send An E-mail - Display A Message
30. To trigger a task when an event occurs - follow one of these three procedures:
Find an example of the event in Event Viewer. - In Task Scheduler - click Create Basic Task in the actions pane. - Use the Schtasks command-line tool from a command prompt or a script.
Active Directory Diagnostics - System Performance - System Diagnostics - Wireless Diagnostics
qc
Performance Monitor
31. Find an example of the event in Event Viewer. Then - right-click the event and click ______. A wizard will guide you through the process.
NMCap /network * /capture /file filename.cap
winrm get winrm/config
Attach Task To This Event
Network Monitor
32. With ______ subscriptions - the forwarding computers contact the collecting computer.
Find an example of the event in Event Viewer. - In Task Scheduler - click Create Basic Task in the actions pane. - Use the Schtasks command-line tool from a command prompt or a script.
RACAgent.exe
network adapter
Source computer initiated
33. Logs all the info included in the System Performance Data Collector Set - plus detailed system information. Use the ______ Data Collector Set when troubleshooting reliability problems such as problematic hardware - driver failures - or Stop errors (a
Reliability Monitor
Collector initiated - Source computer initiated
Wireless Diagnostics
System Diagnostics
34. To verify that the forwarding computer has the Windows Remote Management listener properly configured - from an elevated command prompt - run the following command:
DiagnosticsPerformanceMonitoring Tools
Windows Remote Management - Windows Event Collector
winrm enumerate winrm/config/Listener
Forwarded Events
35. The wecutil ______ parameter defines subscription configuration. To specify a custom interval for a subscription - run the following commands: ______.
System Performance
ds
ss - wecutil ss <subscription_name> /cm:custom wecutil ss <subscription_name> /hi:<milliseconds_delay>
103
36. Check the Applications And Services LogsMicrosoftWindowsEventlog-ForwardingPluginOperational event log and verify that the subscription was created successfully. Event ID 100 indicates a new subscription whereas Event ID ______ indicates a subscripti
System Performance
Network Monitor
103
Subscriptions
37. In Win Srvr 2008 and Win Srvr 2008 R2 - you can also simply select the ______ node in the console tree of Event Viewer to confiture the collecting computer.
Data Collector Sets
System
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
Subscriptions
38. Using event forwarding requires you to configure both the forwarding and collecting computers. First - you must start the following services on both the forwarding and collecting computer:
Windows Remote Management - Windows Event Collector
network adapter
Custom Views
multiple logs
39. Windows Logs contains five subnodes:
RACAgent.exe
Right-click Data Collector SetsUser Defined - choose New - and then choose Data Collector Set. The Create New Data Collector Set Wizard appears.
Ctrl+C
Application - Security - Setup - System - Forwarded Events
40. Present only on DCs - the ______ Data Collector Set logs kernel trace data - AD trace data - performance counters - and AD registry configuration.
Latest Report
DiagnosticsPerformanceMonitoring Tools
Active Directory Diagnostics
Active Directory Diagnostics - System Performance - System Diagnostics - Wireless Diagnostics
41. To configure Event Forwarding to use HTTPS - create a Windows Firewall exception for TCP port 5986 and run the following command:
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
NMCap /network * /capture "DNS" /file filename.cap
winrm quickconfig -transport:https
winrm get winrm/config
42. Custom views are filters that can display events from ______.
multiple logs
Application
winrm quickconfig -transport:https
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
43. This Windows log contains auditing events that Windows adds when a user accesses or attempts to access a resource that has been configured for auditing.
Start
Security
System Performance
Start A Program - Send An E-mail - Display A Message
44. Windows Server 2008 R2 includes several built-in Data Collector Sets located at Data Collector SetsSystem:
Active Directory Diagnostics - System Performance - System Diagnostics - Wireless Diagnostics
Setup
Collector initiated
RACAgent.exe
45. The wecutil ______ parameter displays the status of subscriptions.
Custom Views
Hypertext Transfer Protocol (HTTP) or HTTPS (Hypertext Transfer Protocol Secure)
gr
Collector initiated - Source computer initiated
46. To run a file named Respond.exe whenever event 177 is published in the System event log - run the following command:
Application
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
Vista - Win 7 - Win Server 2003 R2 - Win Server 2008 - and Win Server 2008 R2
Active Directory Diagnostics
47. The wecutil ______ parameter deletes a subscription.
winrm quickconfig
logman start "<Data Collector Set>"
System Performance
ds
48. To use a Data Collector Set - right-click it - and then choose ______.
qc
Start
network adapter
Start A Program - Send An E-mail - Display A Message
49. This Windows log contains events generated while installing and updating Windows.
Active Directory Diagnostics
Application - Security - Setup - System - Forwarded Events
Setup
NMCap /InputCapture "Capture1.cap" /capture "HTTP" /file "HttpOnlyCapture.cap"
50. With event forwarding - only these Windows versions can act as forwarding computers:
winrm quickconfig
RACAgent.exe
Right-click Data Collector SetsUser Defined - choose New - and then choose Data Collector Set. The Create New Data Collector Set Wizard appears.
Win XP SP2 - Win Srvr 2003 SP1 or 2 - Win Srvr 2003 R2 - Vista - Win 7 - Win Srvr 2008 - and Win Srvr 2008 R2
