SUBJECTS
|
BROWSE
|
CAREER CENTER
|
POPULAR
|
JOIN
|
LOGIN
Business Skills
|
Soft Skills
|
Basic Literacy
|
Certifications
About
|
Help
|
Privacy
|
Terms
Search
Test your basic knowledge |
MCTS: Monitoring Computers
Start Test
Study First
Subjects
:
certifications
,
mcts
,
it-skills
Instructions:
Answer 50 questions in 15 minutes.
If you are not ready to take this test, you can
study here
.
Match each statement with the correct term.
Don't refresh. All questions and answers are randomly picked and ordered every time you load a test.
This is a study tool. The 3 wrong answers for each question are randomly chosen from answers to other questions. So, you might find at times the answers obvious, but you will see it re-enforces your understanding as you take the test each time.
1. The log files are contained in two subnodes:
Windows Logs and Applications And Services Logs.
System Diagnostics
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
winrm quickconfig
2. The wecutil ______ parameter defines subscription configuration. To specify a custom interval for a subscription - run the following commands: ______.
NMCap /InputCapture "Capture1.cap" /capture "HTTP" /file "HttpOnlyCapture.cap"
When A Specific Event Is Logged
ss - wecutil ss <subscription_name> /cm:custom wecutil ss <subscription_name> /hi:<milliseconds_delay>
10
3. This Windows log contains events forwarded to this computer from other computers.
winrm enumerate winrm/config/Listener
ds
Forwarded Events
RACAgent.exe
4. At a command prompt with administrative privileges - run the following command to configure the Windows Remote Management service on the forwarding computer:
System Performance
winrm quickconfig
Hypertext Transfer Protocol (HTTP) or HTTPS (Hypertext Transfer Protocol Secure)
Active Directory Diagnostics
5. Event forwarding uses HTTP or HTTPS to send events from a forwarding computer to a collecting computer. Instead of using the standard TCP ports 80 and 443 - HTTP and HTTPS use ports ______ - respectively.
5985 and 5986
network adapter
NMCap /InputCapture "Capture1.cap" /capture "HTTP" /file "HttpOnlyCapture.cap"
winrm quickconfig
6. With ______ subscriptions - the forwarding computers contact the collecting computer.
Wireless Diagnostics
Vista - Win 7 - Win Server 2003 R2 - Win Server 2008 - and Win Server 2008 R2
Source computer initiated
Collector initiated
7. ______ gather system information - including configuration settings and performance data - and store it in a data file.
Attach Task To This Event
Latest Report
Data Collector Sets
event forwarding
8. Microsoft provides ______ - a powerful protocol analyzer - as a free download.
Collector initiated - Source computer initiated
Right-click Data Collector SetsUser Defined - choose New - and then choose Data Collector Set. The Create New Data Collector Set Wizard appears.
Network Monitor
Attach Task To This Event
9. This Windows log contains auditing events that Windows adds when a user accesses or attempts to access a resource that has been configured for auditing.
ds
System Diagnostics
Vista - Win 7 - Win Server 2003 R2 - Win Server 2008 - and Win Server 2008 R2
Security
10. What command should you run to configure a collecting computer?
103
Attach Task To This Event
wecutil qc
winrm get winrm/config
11. You can create two types of subscriptions:
Collector initiated - Source computer initiated
Source computer initiated
winrm enumerate winrm/config/Listener
Active Directory Diagnostics
12. After using a Data Collector Set to gather information and then stopping the Data Collector Set - you can view a summary by right-clicking the Data Collector Set and then choosing ______.
Collector initiated - Source computer initiated
Collector initiated
Vista - Win 7 - Win Server 2003 R2 - Win Server 2008 - and Win Server 2008 R2
Latest Report
13. What command should you run to configure a forwarding computer?
NMCap /InputCapture "Capture1.cap" /capture "HTTP" /file "HttpOnlyCapture.cap"
10
winrm quickconfig
qc
14. Check the Applications And Services LogsMicrosoftWindowsEventlog-ForwardingPluginOperational event log and verify that the subscription was created successfully. Event ID 100 indicates a new subscription whereas Event ID ______ indicates a subscripti
103
Active Directory Diagnostics - System Performance - System Diagnostics - Wireless Diagnostics
qc
network adapter
15. With event forwarding - only these Windows versions can act as collecting computers:
Reliability Monitor
Vista - Win 7 - Win Server 2003 R2 - Win Server 2008 - and Win Server 2008 R2
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
multiple logs
16. Custom views are filters that can display events from ______.
When A Specific Event Is Logged
Windows Logs and Applications And Services Logs.
Custom Views
multiple logs
17. ______ tracks a computer's stability.
When A Specific Event Is Logged
Application
Subscriptions
Reliability Monitor
18. In Win Srvr 2008 and Win Srvr 2008 R2 - you can also simply select the ______ node in the console tree of Event Viewer to confiture the collecting computer.
Active Directory Diagnostics
Subscriptions
winrm enumerate winrm/config/Listener
wecutil qc
19. This Windows log contains events generated while installing and updating Windows.
Reliability Monitor
http://computername:5985 (or https://computername:5986 if you are using HTTPS)
Hypertext Transfer Protocol (HTTP) or HTTPS (Hypertext Transfer Protocol Secure)
Setup
20. To open Reliability Monitor - right-click the ______ node in Server Manager and then click View System Reliability.
Collector initiated - Source computer initiated
DiagnosticsPerformanceMonitoring Tools
Active Directory Diagnostics
Reliability Monitor
21. To trigger a task when an event occurs - follow one of these three procedures:
Find an example of the event in Event Viewer. - In Task Scheduler - click Create Basic Task in the actions pane. - Use the Schtasks command-line tool from a command prompt or a script.
Start
http://computername:5985 (or https://computername:5986 if you are using HTTPS)
NMCap /network * /capture "DNS" /file filename.cap
22. The wecutil ______ parameter performs the initial configuration required to collect events. If a subscription already exists - the necessary configuration must have already been performed.
qc
NMCap /network * /capture "DNS" /file filename.cap
10
103
23. To use a Data Collector Set - right-click it - and then choose ______.
Performance Monitor
Start
Vista - Win 7 - Win Server 2003 R2 - Win Server 2008 - and Win Server 2008 R2
Custom Views
24. Present only on DCs - the ______ Data Collector Set logs kernel trace data - AD trace data - performance counters - and AD registry configuration.
Active Directory Diagnostics
Right-click Data Collector SetsUser Defined - choose New - and then choose Data Collector Set. The Create New Data Collector Set Wizard appears.
winrm enumerate winrm/config/Listener
Find an example of the event in Event Viewer. - In Task Scheduler - click Create Basic Task in the actions pane. - Use the Schtasks command-line tool from a command prompt or a script.
25. Computers that have no errors and no new software installations are considered stable and can achieve the maximum system stability index of ______.
NMCap /network * /capture /file filename.cap
10
network adapter
http://computername:5985 (or https://computername:5986 if you are using HTTPS)
26. With ______ - you can send events that match specific criteria to an administrative computer - allowing you to centralize event management.
Win XP SP2 - Win Srvr 2003 SP1 or 2 - Win Srvr 2003 R2 - Vista - Win 7 - Win Srvr 2008 - and Win Srvr 2008 R2
ds
event forwarding
Hypertext Transfer Protocol (HTTP) or HTTPS (Hypertext Transfer Protocol Secure)
27. With ______ subscriptions - the collecting computer contacts the source computers to retrieve events.
103
Collector initiated
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
DiagnosticsPerformanceMonitoring Tools
28. Because the forwarding computer must have HTTP and possibly HTTPS available - you can attempt to connect to it from the collecting computer by using Windows Internet Explorer
Win XP SP2 - Win Srvr 2003 SP1 or 2 - Win Srvr 2003 R2 - Vista - Win 7 - Win Srvr 2008 - and Win Srvr 2008 R2
http://computername:5985 (or https://computername:5986 if you are using HTTPS)
qc
Windows Logs and Applications And Services Logs.
29. Windows Server 2008 R2 includes several built-in Data Collector Sets located at Data Collector SetsSystem:
Win XP SP2 - Win Srvr 2003 SP1 or 2 - Win Srvr 2003 R2 - Vista - Win 7 - Win Srvr 2008 - and Win Srvr 2008 R2
Application - Security - Setup - System - Forwarded Events
ss - wecutil ss <subscription_name> /cm:custom wecutil ss <subscription_name> /hi:<milliseconds_delay>
Active Directory Diagnostics - System Performance - System Diagnostics - Wireless Diagnostics
30. When you create a custom view - Event Viewer saves it within the ______ node so that you can quickly view the same set of events.
Custom Views
Win XP SP2 - Win Srvr 2003 SP1 or 2 - Win Srvr 2003 R2 - Vista - Win 7 - Win Srvr 2008 - and Win Srvr 2008 R2
multiple logs
NMCap /InputCapture "Capture1.cap" /capture "HTTP" /file "HttpOnlyCapture.cap"
31. In Task Scheduler - click Create Basic Task in the actions pane. On the Trigger page of the wizard - select ______. Then - specify the Log - Source - and Event ID.
10
When A Specific Event Is Logged
System Performance
NMCap /network * /capture "DNS" /file filename.cap
32. Present only on computers with wireless capabilities - the ______ Data Collector Set logs the same info as the LAN Diagnostics Data Collector Set - plus info relevant to troubleshooting wireless network connections.
gr
wecutil qc
Performance Monitor
Wireless Diagnostics
33. The wecutil ______ parameter displays the status of subscriptions.
NMCap /InputCapture "Capture1.cap" /capture "HTTP" /file "HttpOnlyCapture.cap"
gr
winrm quickconfig
Start
34. Event forwarding uses ______ or ______ to send events from a forwarding computer to a collecting computer.
DiagnosticsPerformanceMonitoring Tools
10
System
Hypertext Transfer Protocol (HTTP) or HTTPS (Hypertext Transfer Protocol Secure)
35. Using event forwarding requires you to configure both the forwarding and collecting computers. First - you must start the following services on both the forwarding and collecting computer:
System
Win XP SP2 - Win Srvr 2003 SP1 or 2 - Win Srvr 2003 R2 - Vista - Win 7 - Win Srvr 2008 - and Win Srvr 2008 R2
Windows Remote Management - Windows Event Collector
Windows Logs and Applications And Services Logs.
36. To run a file named Respond.exe whenever event 177 is published in the System event log - run the following command:
Application
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
Reliability Monitor
Performance Monitor
37. This Windows log contains core system events. Other system events are contained with Applications And Services Logs.
System
System Performance
Attach Task To This Event
Win XP SP2 - Win Srvr 2003 SP1 or 2 - Win Srvr 2003 R2 - Vista - Win 7 - Win Srvr 2008 - and Win Srvr 2008 R2
38. The Reliability Monitor displays data gathered by the Reliability Analysis Component (RAC) - which is implemented using ______ command.
RACAgent.exe
Hypertext Transfer Protocol (HTTP) or HTTPS (Hypertext Transfer Protocol Secure)
Windows Remote Management - Windows Event Collector
event forwarding
39. To verify that the forwarding computer has the Windows Remote Management listener properly configured - from an elevated command prompt - run the following command:
winrm enumerate winrm/config/Listener
System Diagnostics
When A Specific Event Is Logged
Start A Program - Send An E-mail - Display A Message
40. You can open Event Viewer from within ______ by selecting the DiagnosticsEvent Viewer node.
Server Manager
http://computername:5985 (or https://computername:5986 if you are using HTTPS)
Windows Remote Management - Windows Event Collector
Collector initiated
41. To create a custom Data Collector Set - follow these steps:
winrm quickconfig
Performance Monitor
Right-click Data Collector SetsUser Defined - choose New - and then choose Data Collector Set. The Create New Data Collector Set Wizard appears.
winrm quickconfig
42. Find an example of the event in Event Viewer. Then - right-click the event and click ______. A wizard will guide you through the process.
qc
System Performance
Attach Task To This Event
System Diagnostics
43. ______ graphically shows real-time performance data - including processor utilization - network bandwidth usage - and thousands of other statistics.
Forwarded Events
Performance Monitor
winrm get winrm/config
event forwarding
44. This Windows log contains events generated by applications.
Application - Security - Setup - System - Forwarded Events
System Performance
Application
SCHTASKS /Create /TN EventLog /TR respond.exe /SC ONEVENT /EC System /MO *[System/EventID=177]
45. With event forwarding - only these Windows versions can act as forwarding computers:
Win XP SP2 - Win Srvr 2003 SP1 or 2 - Win Srvr 2003 R2 - Vista - Win 7 - Win Srvr 2008 - and Win Srvr 2008 R2
Windows Remote Management - Windows Event Collector
gr
winrm get winrm/config
46. To use a filter capture - type the filter capture in quotation marks after the /capture parameter. For example - the following command captures only DNS traffic:
NMCap /network * /capture "DNS" /file filename.cap
System Performance
Reliability Monitor
Start
47. One of the most useful ways to use Task Scheduler is to launch a task in response to a specific event type that appears in Event Viewer. You can respond to events in three ways:
Windows Logs and Applications And Services Logs.
wecutil qc
Start A Program - Send An E-mail - Display A Message
gr
48. The Minimize Bandwidth and Minimize Latency options of Event Subscriptions - both batch a default number of items at a time. You can determine the value of this default by typing the following command at a command prompt:
System
Data Collector Sets
Wireless Diagnostics
winrm get winrm/config
49. Logs all the info included in the System Performance Data Collector Set - plus detailed system information. Use the ______ Data Collector Set when troubleshooting reliability problems such as problematic hardware - driver failures - or Stop errors (a
System Diagnostics
winrm quickconfig -transport:https
Security
NMCap /network * /capture "DNS" /file filename.cap
50. Network Monitor can capture only traffic that the ______ receives.
network adapter
NMCap /InputCapture "Capture1.cap" /capture "HTTP" /file "HttpOnlyCapture.cap"
qc
Windows Remote Management - Windows Event Collector
