8.1.9
docx
keyboard_arrow_up
School
Crafton Hills College *
*We aren’t endorsed by this school
Course
232
Subject
Computer Science
Date
Dec 6, 2023
Type
docx
Pages
82
Uploaded by AmbassadorFlowerSandpiper22
8.1.9
Question 1:
Incorrect
As part of the regular system maintenance on your Windows system, you are checking Performance Monitor statistics and Event Log events.
You notice that there are several Error events listed with the same ID number. They also contain a description that sounds as if the error is related to system hardware. You check your Performance Monitor logs but don't notice anything unusual around the time that the events were generated.
Which step must you take to receive an email every time the event is logged so you can check the system statistics at that moment?
Answer
Correct Answer:
Attach a task to the event.
Configure a performance counter alert.
Configure Event Subscriptions.
Configure an Event Trace Data Collector.
Explanation
Attach a task to an event or log to receive a notification or take other actions when an event is logged. Tasks attached to an event execute the action whenever an event with that ID, source, and log occurs.
Use a performance counter alert to configure triggers that take an action when
a counter reaches a threshold value. Alerts monitor a system performance statistic, such as processor time or disk space. They do not monitor Event Log
events.
Use an Event Trace Data Collector in Performance Monitor to capture events logged by software processes.
Use Event Subscriptions to view a set of events stored in multiple logs on multiple computers. Events that occur on one computer are sent to another computer. They are saved there and can be viewed.
References
8.1.2 Manage Event Logs
8.1.3 Manage Event Logs Facts
8.1.4 Manage Event Logs
8.4.1 Windows Admin Center and System Insights
q_events_logs_attach_task_to_event_sha5.question.fex
Question 2:
Incorrect
Using Event Viewer, you have created a Custom View to track Warning and Error events from both the Application and System logs.
After a few days, there are several events in the Custom View. You would like to clear the messages from the view so that you only see messages starting from today.
How do you make sure that any messages from today that are in the corresponding logs still exist?
Answer
Export the Custom View and then import it with a new name.
Clear the Application and System logs.
Save the events in the Custom View.
Correct Answer:
Edit the Custom View properties and create a custom range for the logged events, starting with today's date.
Clear the Custom View.
Explanation
A Custom View shows all messages that exist in the corresponding log. To remove older messages from the Custom View without deleting the messages, edit the Custom View properties to change the logged parameters.
You cannot clear a Custom View. You can only edit the filter properties that determine which events are shown.
Clearing the logs specified by the Custom View filter properties will clear the Custom View, but this also deletes the events from the log.
References
8.1.2 Manage Event Logs
8.1.3 Manage Event Logs Facts
8.1.4 Manage Event Logs
8.4.1 Windows Admin Center and System Insights
q_events_logs_create_custom_range_for_logged_events_sha5.question.fex
Question 3:
Incorrect
On your Windows system, you run a custom application that was developed in-house.
The application generates Event Viewer events and logs those events to the default Application and the Security logs in Event Viewer.
As you monitor the application, you would like to be able to do the following:
View all events related to the application from a single log.
View only the events related to the application and no others.
View the necessary events with minimal future configuration.
Save the Event Viewer configuration so that you can easily export and import the solution to other servers that will be running the application.
What should you do?
Answer
Create a filter on the Application and Security logs.
Configure Event Subscriptions.
Attach a task to the event IDs generated by the application.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Correct Answer:
Create a Custom View.
Explanation
A Custom View is a saved filter. Custom Views apply filter criteria to one or more event logs. The filter criteria for a Custom View is similar to that of a filter, but it also includes the log(s) you want to include in the view. Custom Views are saved between Event Viewer sessions and are available each time you use Event Viewer. You can export a Custom View and import it on another
system. This exports and imports the Custom View criteria, but it does not export or import the events showing in the view.
Adding a filter in Event Viewer has the following limitations:
You cannot save a filter. Each time you start Event Viewer, you will need to redefine the filter criteria.
Filters apply only to a single log. You cannot filter multiple logs into a single view.
You cannot export and import filter criteria to other computers.
Use Event Subscriptions to view a set of events stored in multiple logs on multiple computers. Events that occur on one computer are sent to another computer, where they are saved and can be viewed.
Attach a task to an event or a log to receive notification or take other actions when an event is logged.
References
8.1.2 Manage Event Logs
8.1.3 Manage Event Logs Facts
8.1.4 Manage Event Logs
8.4.1 Windows Admin Center and System Insights
q_events_logs_create_custom_view_sha5.question.fex
Question 4:
Incorrect
You are troubleshooting a problem that keeps occurring on your Windows system. When the problem happens, Event Viewer shows several Error events in the Application and System logs.
From a single view, you would like to see only Error events from both the Application and the System logs.
What can you do in Event Viewer to make this happen?
Answer
On both the Application and System logs, create a Custom View.
Correct Answer:
On the Application log, filter the log to show only Error events. Save the filter to a Custom View and then add the System event log as an additional filter.
On both the Application and System logs, create a filter to show only Error events. Save the changes for both logs.
On both the Application and System logs, filter the logs to show only Error events. For both logs, save the filter to a Custom View.
Explanation
To view events from multiple logs at the same time, create a single Custom View that includes both logs. You can create a view from an existing filtered log and then modify the filter criteria. You can also just create a single new view with the necessary settings.
Creating a Custom View from both logs leaves you with two Custom Views instead of one.
Saving the logs saves the messages in the log.
You can also save the filtered log file to save only the messages currently showing.
References
8.1.2 Manage Event Logs
8.1.3 Manage Event Logs Facts
8.1.4 Manage Event Logs
8.4.1 Windows Admin Center and System Insights
q_events_logs_filter_log_to_show_only_errors_sha5.question.fex
Question 5:
Incorrect
You are troubleshooting a problem that keeps occurring on your Windows system. When the problem happens, there are several Warning and Error events logged to the Application log in Event Viewer.
You create a Custom View that shows only Warning and Error events. During troubleshooting, you filter the Custom View to show only the Error messages.
How can you create a new Custom View using the current filter settings?
Answer
Copy the Custom View using a new name.
Save the events in the Custom View.
Correct Answer:
Save the filter to a Custom View.
Export the Custom View and then import it using a different name.
Explanation
To create a new Custom View based on a filter that has been applied to it, right-click the Custom View and click Save Filter to Custom View.
Exporting or copying the Custom View can be used to create a Custom View based on the properties of the existing one. However, filters applied to the view are not applied to its settings.
Saving the events in the Custom View saves the log entries to a log file. However, it does not create a new Custom View.
References
8.1.2 Manage Event Logs
8.1.3 Manage Event Logs Facts
8.1.4 Manage Event Logs
8.4.1 Windows Admin Center and System Insights
q_events_logs_save_filter_to_custom_view_sha5.question.fex
Question 6:
Incorrect
You would like to configure Event Subscriptions on your Windows system to forward events to a network server. You need to configure your computer as a source computer for a collector-initiated subscription.
Which of the following will be part of your configuration? (Select two.)
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Answer
Make the source computer a member of the Subscribed Computers group.
Run the wecutil qc command.
Configure the Local Security Policy to identify the FQDN (fully qualified domain name) of the collector computer.
Correct Answer:
Run the winrm qc command.
Correct Answer:
Add the collector computer to the Event Log Readers group.
Explanation
Use a collector-initiated subscription to explicitly identify source computers that can forward events to the collector computer. To configure a source computer for collector-initiated subscriptions:
Run the winrm qc
command to run WinRM.
Add the collector computer account to the local Event Log Readers group or the local Administrators group.
Run the wecutil qc command on the collector computer for collector-initiated subscriptions.
The other tasks are performed when configuring source computer-initiated subscriptions. You would edit the Local Security Policy or Group Policy to identify the collector computer when configuring a source computer for source
computer-initiated subscriptions.
Adding the source computer to a computer group is a task performed in Active
Directory or on the collector computer.
References
8.1.5 Data Collector Sets
8.1.6 Create and Configure Data Collector Sets
8.1.7 Data Collector Sets Facts
8.4.1 Windows Admin Center and System Insights
q_collector_sets_add_collector_to_event_log_readers_sha5.question.fex
Question 7:
Incorrect
You have two Windows systems named Computer 1 and Computer 2.
Over the next few days, you want to be able to monitor Computer 1 from Computer 2. To do this, you want to automatically save and send Computer 1's Application and System logs to Computer 2.
How would you do this?
Answer
On Computer 1, attach a task to the Application and System logs. Configure the task to run a script that copies the logs to Computer 2.
On Computer 1, create a scheduled task that saves the Application and System logs to a network share. Configure the schedule to run every 15 minutes.
Correct Answer:
On both computers, enable and configure Event Subscriptions. Configure Computer 1 as a source and Computer 2 as a collector.
On Computer 2, open the Reliability and Performance Monitor and connect to Computer 1. Create a Data Collector Set with event trace data.
Explanation
To save events from one server to another, use Event Subscriptions. When an
event occurs on the source server, those events are recorded on the local system and sent to the collector server. You can use Event Subscriptions to collect and view events from multiple servers. Events are saved on the collector server, where they can be viewed and managed from Event Viewer. The default location for these events is the Forwarded Events log.
Use Reliability and Performance Monitor to monitor system statistics, such as processor percentage or disk space.
Attach a task to an Event log or an event to send an email, display a message, or run a program when an event occurs.
References
8.1.5 Data Collector Sets
8.1.6 Create and Configure Data Collector Sets
8.1.7 Data Collector Sets Facts
8.4.1 Windows Admin Center and System Insights
q_collector_sets_configure_event_subscriptions_sha5.question.fex
Question 8:
Incorrect
You would like to configure Event Subscriptions on your Windows system to forward events to a network server. You need to configure your computer as a source computer for a source-initiated subscription.
Which of the following will be part of your configuration? (Select two.)
Answer
Correct Answer:
Run the winrm qc -q command.
Add the collector computer to the Event Log Readers group.
Run the wecutil qc /q command.
Run the wecutil qc /a
command.
Correct Answer:
Configure the Local Security Policy to identify the FQDN of the collector computer.
Explanation
Use a source-initiated subscription to configure a subscription when all the possible source computers are not known. To configure a source computer for
source computer-initiated subscriptions:
Run the winrm qc -q
command to run WinRM.
Configure and enable the Event Forwarding Policy through Group Policy or the Local Security Policy, then specify the collector computer's FQDN.
Run the wecutil qc /q
command on the collector computer for collector-
initiated subscriptions.
The wecutil qc /a
command does not exist.
The other task is performed when configuring collector-initiated computers.
References
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
8.1.5 Data Collector Sets
8.1.6 Create and Configure Data Collector Sets
8.1.7 Data Collector Sets Facts
8.4.1 Windows Admin Center and System Insights
q_collector_sets_configure_local_security_policy_fqdn_sha5.question.fex
Question 9:
Incorrect
You manage two Windows systems named Computer 1 and Computer 2.
You have configured Event Subscriptions with the default settings to forward events from these two computers to a third Windows system named Computer 3.
How do you view the events from these two computers on Computer 3?
Answer
Correct Answer:
In Event Viewer, open the Forwarded Events log.
In Performance Monitor, create a Data Collector Set to gather data from Computer 1 and Computer 2.
In Resource Manager, apply a filter for Computer 1 and Computer 2.
In Event Viewer, create an event filter that includes all logs and has as a source Computer 1 or Computer 2.
Explanation
By default, events received from source computers are saved in the Forwarded Events log in Event Viewer. You could create a filter, but the filter would not show any information different from what is in the Forwarded Events
log. Use a filter if you want to add additional filters to the events in that log.
Use System Monitor and Performance Monitor to track statistics about the operation of the local computer.
References
8.1.5 Data Collector Sets
8.1.6 Create and Configure Data Collector Sets
8.1.7 Data Collector Sets Facts
8.4.1 Windows Admin Center and System Insights
q_collector_sets_open_forwarded_events_log_sha5.question.fex
Question 10:
Incorrect
You manage three Windows systems that are part of a Workgroup. You would like to configure Event Subscriptions so that you can view all events from those computers on your Windows notebook.
You need to configure the three source computers and one collector computer. The subscription will be a source-initiated subscription.
What should you do? (Select two. Each answer is part of the complete solution.)
Answer
On the source computers, run the winrm qc -q command. On the collector computer, run the wecutil qc /q
command.
On all four computers, run the winrm qc -q command.
Correct Answer:
On the collector computer, configure the subscription.
Correct Answer:
On all four computers, run the winrm qc-q command. On the collector computer, run the wecutil qc /q
command.
On all four computers, configure the subscription.
Explanation
To configure Event Subscriptions for a source-initiated subscription:
Run the winrm qc -q command on all computers.
In the Local Policy or Group Policy that applies to the source computers, be sure to identify the FQDN (fully qualified domain name) of the collector computer.
On the collector computer, run the wecutil qc /q command.
On the collector computer, open Event Viewer and configure the subscription properties (such as the location of the forwarded events).
References
8.1.5 Data Collector Sets
8.1.6 Create and Configure Data Collector Sets
8.1.7 Data Collector Sets Facts
8.4.1 Windows Admin Center and System Insights
q_collector_sets_run_winrm_qc_q_command_sha5.question.fex
8.2.7
Question 1:
Incorrect
You are using the System Information utility, and you want to see the size of the disks installed and how much free space you have.
Which option would you expand?
Answer
Software Environment
System Summary
Correct Answer:
Components
Hardware Resources
Explanation
If you want to see the actual hardware in the system, you need to select the Components option. This is where you can see the actual hardware that's installed in the system.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
The System Summary option is selected by default. You can view things like the name of the operating system, the operating system manufacturer, and the system model number.
Hardware Resources shows you information such as which IRQs are assigned to which devices, which devices are using different I/O ports, and which devices are using DMA channels.
Under Software Environment, you see all the software that's currently in use on the system. This includes drivers, services, and startup programs that are running.
References
8.2.6 System Configuration Tool Facts
q_dgnstc_tls_components_sys_config_sha5.question.fex
Question 2:
Incorrect
You are using the Services app. You have double-clicked on a service.
Which tab will allow you to see the system drivers that the service uses?
Answer
Correct Answer:
Dependencies
Recovery
General
Log On
Explanation
The Dependencies tab shows the services and system drivers that the service
uses.
The Recovery tab contains recovery options that determine the actions to take
after a service fails.
The General tab shows whether the service is currently running.
The Log On tab identifies the authentication needed to start the service.
References
8.2.6 System Configuration Tool Facts
q_dgnstc_tls_depend_services_app_sha5.question.fex
Question 3:
Incorrect
What is the main purpose of the dxdiag
utility?
Answer
Launch a variety of other system configuration utilities.
Link to the Startup tab in Task Manager.
Correct Answer:
Test the system's multimedia capabilities.
List the services installed in a system and their status.
Explanation
dxdiag
has a slightly different function than other utilities. dxdiag
is a DirectX diagnostic tool. Its job is to test the DirectX system on the computer. DirectX is
a programming interface that's used for video and multimedia. Its job is to test the system's multimedia capabilities.
The services installed on a system and their statuses are listed in the Services
tab of the msconfig
utility.
The link to the Startup tab in Task Manager can be found under the Startup tab of the msconfig
utility.
The Tools tab of the msconfig
utility allows you to launch a variety of other system configuration utilities.
References
8.2.6 System Configuration Tool Facts
q_dgnstc_tls_dxdiag_def_sha5.question.fex
Question 4:
Incorrect
Windows comes with a special tool called the Microsoft Management Console
(MMC).
What does this tool do?
Answer
Enables troubleshooting of technical issues and optimizes the startup process.
Correct Answer:
Provides a consistent interface for all management tools.
Cleans the junk files from your system that accumulates over time.
Automatically starts an application or runs a script based on events.
Explanation
Windows comes with a special tool called the Microsoft Management Console
(MMC). Its purpose is to provide a consistent interface for all of the management tools that we use to manage the various aspects of the operating system.
Windows Disk Cleaner is a utility for computers that cleans the junk files from your system that accumulate over time, such as temporary files and broken shortcuts.
Use the System Configuration app (
msconfig.exe
) to enable troubleshooting of technical issues and optimize the startup process.
Task Scheduler is a Windows app used to automatically start an application or
run a script based on events.
References
8.2.6 System Configuration Tool Facts
q_dgnstc_tls_mmc_def_sha5.question.fex
Question 5:
Incorrect
You need to customize the utilities and programs loaded on your Windows system at startup.
What should you do?
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Answer
Correct Answer:
Run System Configuration
Run the Services MMC snap-in
Run Startup and Recovery options
Run Startup Repair
Explanation
You can use the System Configuration utility (
msconfig.exe
) to boot the system (excluding specific files or file entries) and customize the utilities and programs loaded on your Windows system at startup.
In addition, you can use msconfig
to:
View and customize Windows setup components.
Customize the boot configuration. This includes the default operating
system and Safe Mode boot selection.
Disable or enable services.
Access available tools and view the file and file path for the application that runs each tool.
You use the Startup and Recovery options in the Advanced tab of the System Properties to manage and maintain startup and recovery settings. These options include the default operating system for startup, the number of seconds a list of operating systems is displayed before the default operating system is booted, and the actions to take when the system stops unexpectedly.
If your system detects a startup failure, it automatically starts the Startup Repair tool.
You use the Services MMC snap-in to view and manage running services. A service is a program that processes requests from other applications or users.
References
8.2.6 System Configuration Tool Facts
q_dgnstc_tls_run_sys_config_sha5.question.fex
Question 6:
Incorrect
After running the Backup and Restore console on your Windows computer, you notice that backups are not created for open files.
To troubleshoot the issue, you want to confirm that the Volume Shadow Copy Service (VSS) is running and configured to start automatically when the computer boots.
Which tool can you use to ensure VSS is configured to start automatically?
Answer
Reliability Monitor
Correct Answer:
Services
Event Viewer
Performance Monitor
Computer Management
Explanation
You can use the Services tool to view and manage running services, such as VSS. A service is a program that processes requests from other applications or users. Services can start automatically, and they might run constantly in the
background while waiting for service requests.
Performance Monitor displays statistics about the operation of your computer.
Event Viewer allows you to view logs about programs, system events, and security.
Reliability Monitor maintains historical data that describe the operating system's stability.
Computer Management is a Microsoft Management Console (MMC) used to manage your computer.
References
8.2.6 System Configuration Tool Facts
q_dgnstc_tls_run_vss_service_sha5.question.fex
Question 7:
Incorrect
Which of the following utilities allows you to change the startup type of a service to Automatic (Delayed)?
Answer
msinfo32
msconfig.exe
Task Manager
Correct Answer:
services.msc
Explanation
Using the Services app (
services.msc
), you can change the startup type. Acceptable startup types include:
Automatic: The service starts at system logon.
Automatic (Delayed): The service starts a short while after the system has finished starting up. This option was introduced in Windows Vista in an attempt to reduce the boot-to-desktop time. However, not all services support delayed start.
Manual: The service starts only when explicitly summoned.
Disabled: The service is disabled. It will not run.
Using the System Configuration utility, you can disable or enable services at system boot.
In Task Manager, from the Services tab, you can right-click on the service. From there, you can select to start, stop, or restart the service.
msinfo32
is not used to change services running on a device.
References
8.2.6 System Configuration Tool Facts
q_dgnstc_tls_startup_app_sha5.question.fex
Question 8:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Incorrect
You have opened the System Information app, which now displays the System
Summary.
What information can be seen from this view?
Answer
Drivers, services, and startup programs
Hardware components, storage components, and problem devices
IRQs assigned to devices, devices using I/O ports, and devices using DMA channels
Correct Answer:
Name of the operating system, the operating system manufacturer, and system model number
Explanation
When you launch System Information, the System Summary is displayed by default. From this view, you can see the name of the operating system, the operating system manufacturer, and the system model number.
Which IRQs are assigned to which devices, which devices are using different I/O ports, and which devices are using DMA channels are all listed under Hardware Resources.
Hardware components, storage components, and problem devices are all listed under Components.
Drivers, services, and startup programs are all listed under Software Environment.
References
8.2.6 System Configuration Tool Facts
q_dgnstc_tls_system_summary_sha5.question.fex
Question 9:
Incorrect
You run the System Information app in Safe Mode on a Windows computer.
What can you expect to see?
Answer
Service and software environment information
System component, hardware, and software environment information
Hardware and software environment information
Correct Answer:
System component and software environment information
Explanation
The System Information app does not provide hardware information when run in Safe Mode. When it is run in Safe Mode, System Information is limited to displaying information about system components and the software environment.
You manage services and view service information in the Services app.
References
8.2.6 System Configuration Tool Facts
q_dgnstc_tls_sys_info_safe_mode_sha5.question.fex
Question 10:
Incorrect
You have a utility on your computer that needs to run regularly at a set time and day each week.
What tool would you use to accomplish this task?
Answer
Correct Answer:
Task Scheduler
Task Manager
System Configuration (msconfig)
DirectX Diagnostic
Explanation
Task Scheduler lets you schedule utilities and applications to run automatically
on a computer.
Task Manager shows you which apps and programs are currently running on your computer and gives you options for what to do with them.
The System Configuration app (msconfig) manages your system configuration.
The DirectX diagnostic tool (dxdiag) lets you view system information and DirectX information relating to your video and sound cards. This tool is helpful when you need to troubleshoot driver-related issues encountered by DirectX.
References
8.2.6 System Configuration Tool Facts
q_dgnstc_tls_task_scheduler_sha5.question.fex
8.3.10
Question 1:
Incorrect
You use a custom application that was developed in-house.
On a periodic basis, the application writes or modifies several Registry entries.
You want to monitor these Registry keys so that you can create a report that shows their corresponding settings over the next five days.
What should you do?
Answer
Create a scheduled task that runs periodically. In the task, create a script that backs up the necessary portions of the Registry.
Correct Answer:
Configure a configuration Data Collector in Performance Monitor.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Attach a task to the events that are logged in Event Viewer when the Registry values change.
Use the reports generated in Reliability Monitor. Select each of the past five days and look for Registry changes in the System Stability Report.
Explanation
You should use a configuration Data Collector in Performance Monitor to monitor Registry keys and values. Configure an interval (such as every 10 minutes) for the data collector to report the setting of the Registry keys at that time. Configure the Data Collector Set with a stop duration of 5 days to collect data only for those 5 days. By using the Data Collector, you can easily create a report from the log data.
Changing a Registry key does not automatically log an event in the event log, nor can you use Event Viewer to easily generate a report.
Backing up the Registry at selected intervals will capture the existing configuration, but the data is not in an easy-to-read format.
The System Stability Report does not monitor Registry changes, only software
install/uninstall or failures (hardware, software, Windows, etc.).
References
8.1.1 Event Viewer
8.3.1 Performance Monitoring
8.3.2 Use Performance Monitor
8.3.3 Performance Monitor Facts
8.3.4 Resource Monitor and Process Explorer
8.3.5 Use Task Manager
8.3.6 Resource Monitoring Tools Facts
8.3.7 Reliability Monitor and Action Center
8.3.8 Use Reliability Monitor
8.3.9 Reliability Monitor and Action Center Facts
8.4.1 Windows Admin Center and System Insights
q_performance_manager_config_perform_monitor_sha5.question.fex
Question 2:
Incorrect
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
You have just installed a custom application on your Windows system. The application generates Event Viewer events and logs those events to the default Application
and Security
logs in Event Viewer.
You are concerned about system performance while running the application. You would like to be able to view the current statistics for the processor, memory, and disk reads and writes. You only want to see these statistics and no others, and you want to be able to easily save the configuration so that the same statistics are shown each time.
What should you do?
Answer
Configure Event Subscriptions.
Add objects and counters in Performance Monitor.
Correct Answer:
Create a Data Collector Set in Performance Monitor.
Create a Custom View in Event Viewer.
Explanation
Use Data Collector Sets to define statistics to gather over time. These statistics are saved to a file. You open the file to analyze the statistics. You cannot view current statistics from a defined Data Collector Set.
Use Performance Monitor to view current system statistics. Add objects and counters to customize the statistics that are shown.
Use Event Subscriptions to view a set of events stored in multiple logs on multiple computers. Events that occur on one computer are sent to another computer where they are saved and can be viewed.
Event Viewer shows events, such as error messages, and not data about system statistics. A Custom View is a saved filter in Event Viewer.
References
8.1.1 Event Viewer
8.3.1 Performance Monitoring
8.3.2 Use Performance Monitor
8.3.3 Performance Monitor Facts
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
8.3.4 Resource Monitor and Process Explorer
8.3.5 Use Task Manager
8.3.6 Resource Monitoring Tools Facts
8.3.7 Reliability Monitor and Action Center
8.3.8 Use Reliability Monitor
8.3.9 Reliability Monitor and Action Center Facts
8.4.1 Windows Admin Center and System Insights
q_performance_manager_same_statistics_sha5.question.fex
Question 3:
Incorrect
Match the list of tools on the left with the appropriate descriptions on the right.
Captures system performance statistics over a period of time.
correct answer:
Data Collector Set (DCS)
Used to view the collected data from data collector set counters.
correct answer:
Performance Monitor Reports
Displays real-time visual graphs of a computer's overall performance.
correct answer:
Performance Monitor
Used to start and stop and existing collection.
correct answer:
logman.exe
Keyboard Instructions
Explanation
Performance Monitor displays real-time visual graphs of a computer's overall performance.
A Data Collector Set (DCS) captures system performance statistics over a period of time. A DCS includes one or more data collectors that identify the specific objects and counters you want to track.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Use the Reports tool to view the collected data or to create new reports from Data Collector Set counters. Keep the following in mind about Performance Monitor reports:
If a collector set has not been defined and run, no reports will be available.
Membership in the local Performance Log Users or Administrators group (or equivalent) is required to view the reports.
Use the logman
command with the following options to create and manage logs:
create counter
creates a new Performance Counter Data Collector.
create trace
creates a new Event Trace Data Collector.
create config
creates a new Configuration Data Collector.
start
begins an existing collection and sets the begin time to manual.
stop
stops an existing collection and sets the end time to manual.
References
8.1.1 Event Viewer
8.3.1 Performance Monitoring
8.3.2 Use Performance Monitor
8.3.3 Performance Monitor Facts
8.3.4 Resource Monitor and Process Explorer
8.3.5 Use Task Manager
8.3.6 Resource Monitoring Tools Facts
8.3.7 Reliability Monitor and Action Center
8.3.8 Use Reliability Monitor
8.3.9 Reliability Monitor and Action Center Facts
8.4.1 Windows Admin Center and System Insights
q_performance_manager_tool_match_sha5.question.fex
Question 4:
Incorrect
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
An employee calls to complain that their Windows system is running slowly. You launch Task Manager on their system and select the Processes tab. The output is shown in the image below.
What should you do? (Select two. Each answer is a part of the complete solution.)
Answer
Upgrade to a hard disk drive with a higher rotational speed.
Install a faster video adapter in the system.
Correct Answer:
Install more RAM in the system.
Upgrade to a faster hard disk interface.
Correct Answer:
Install a faster CPU in the system.
Explanation
The CPU in this system is overloaded because utilization is running consistently at 90% and above. A faster CPU will help reduce the load. In addition, system RAM utilization is above 70%. This indicates that either more RAM is needed or applications need to be unloaded.
It is probably not necessary to upgrade the hard disk or the storage interface. It is likely that the system is experiencing disk thrashing due to the shortage of
system RAM. Upgrading the CPU and system RAM will likely cause a dramatic drop in disk utilization.
Installing a faster video adapter is not likely to improve system performance in
this system.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
References
8.1.1 Event Viewer
8.3.1 Performance Monitoring
8.3.2 Use Performance Monitor
8.3.3 Performance Monitor Facts
8.3.4 Resource Monitor and Process Explorer
8.3.5 Use Task Manager
8.3.6 Resource Monitoring Tools Facts
8.3.7 Reliability Monitor and Action Center
8.3.8 Use Reliability Monitor
8.3.9 Reliability Monitor and Action Center Facts
8.4.1 Windows Admin Center and System Insights
q_task_man_f_install_cpu_ram_sha5.question.fex
Question 5:
Incorrect
You are analyzing the CPU utilization on you system.
Why would you use Resource Monitor rather than Task Manager?
Answer
Resource Monitor shows different categories of information than Task Manager.
Resource Monitor provides more general information than Task Manager.
Resource Monitor does not provides a benefit over Task Manager.
Correct Answer:
Resource Monitor provides much more granular information than Task Manager.
Explanation
Resource Monitor provides much more granular information than Task Manager can. It displays the same categories of information as Task Manager does, such as CPU, Disk, Network, and Memory. It also includes overall utilization graphs for each category like Task Manager does. However, under each category, more details are provided that can't be found in Task Manager.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Under CPU, for example, you see each of the processes running on the system, the processes' ID number, a description of the process, the threads each of the processes is using, how much CPU time is being used by each process, and a 60-second average of how much CPU utilization is being consumed by each process.
References
8.1.1 Event Viewer
8.3.1 Performance Monitoring
8.3.2 Use Performance Monitor
8.3.3 Performance Monitor Facts
8.3.4 Resource Monitor and Process Explorer
8.3.5 Use Task Manager
8.3.6 Resource Monitoring Tools Facts
8.3.7 Reliability Monitor and Action Center
8.3.8 Use Reliability Monitor
8.3.9 Reliability Monitor and Action Center Facts
8.4.1 Windows Admin Center and System Insights
q_task_man_f_monitor_vs_manager_sha5.question.fex
Question 6:
Incorrect
You want to see memory statistics for a specific process running on your Windows system.
What do you need to do to view the working set, shareable, and private memory for the process?
Answer
View the Processes tab in Task Manager.
In Performance Monitor, create a Data Collector Set using the process as the object and add the required memory counters.
Correct Answer:
Filter by the process in Resource Monitor.
View the Performance tab in Task Manager.
Explanation
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Resource Monitor displays additional information not found in Task Manager. By filtering by an application or process, you can view the CPU, memory, disk,
and network activity generated by the application or process. You can view detailed statistics for each category. These include statistics such as working set, shareable, and private memory for a process.
Using Task Manager, you can view the amount of memory used by a process on the Processes tab. However, you cannot view addition memory statistics for that process.
You can view some additional memory statistics for the entire system on the Performance tab. However, this information does not separate memory use by
process.
With Performance Monitor, you can view individual statistics (counters). However, you cannot separate those counters by application or process.
References
8.1.1 Event Viewer
8.3.1 Performance Monitoring
8.3.2 Use Performance Monitor
8.3.3 Performance Monitor Facts
8.3.4 Resource Monitor and Process Explorer
8.3.5 Use Task Manager
8.3.6 Resource Monitoring Tools Facts
8.3.7 Reliability Monitor and Action Center
8.3.8 Use Reliability Monitor
8.3.9 Reliability Monitor and Action Center Facts
8.4.1 Windows Admin Center and System Insights
q_task_man_f_resource_monitor_filter_sha5.question.fex
Question 7:
Incorrect
You are viewing the reliability and problem history
chart in Reliability Monitor on a Windows system. Some sections of the graph are displayed with a dotted
line.
What does the dotted line indicate?
Answer
Correct Answer:
There is not enough data to calculate the stability index.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
A system update was installed.
A system crash occurred.
Monitored values exceeded configured threshold values.
Explanation
A dotted line in the reliability and problem history
chart indicates there is not enough data to calculate a stability index, which can be caused by a variety of
factors.
A dotted line in the reliability and problem history
chart does not indicate that monitored values exceeded configured threshold values, a system crash occurred, or that a system update was installed.
References
8.1.1 Event Viewer
8.3.1 Performance Monitoring
8.3.2 Use Performance Monitor
8.3.3 Performance Monitor Facts
8.3.4 Resource Monitor and Process Explorer
8.3.5 Use Task Manager
8.3.6 Resource Monitoring Tools Facts
8.3.7 Reliability Monitor and Action Center
8.3.8 Use Reliability Monitor
8.3.9 Reliability Monitor and Action Center Facts
8.4.1 Windows Admin Center and System Insights
q_reliab_mon_f_dotted_line_sha5.question.fex
Question 8:
Incorrect
What is the tool that queues messages, checks several security and maintenance-related items, and consolidates messages and status updates for several other tools called?
Answer
Reliability Monitor
Task Manager
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Resource Monitoring
Correct Answer:
Windows Action Center
Explanation
The Action Center queues messages that require your attention, checks several security and maintenance-related items that influence the computer's overall performance, and also consolidates messages and status updates for several security-related tools into one location.
Reliability Monitor tracks a computer's stability by maintaining historical data relating to the operating system's stability. The historical information gathered by Reliability Monitor can be useful for troubleshooting intermittent problems.
The Resource Monitor displays real-time information about the way resources are used by the installed hardware and software.
Task Manager is a Windows utility that displays information about the system's
use of resources. The utilization statistics provided in Task Manager can help resolve system problems.
References
8.1.1 Event Viewer
8.3.1 Performance Monitoring
8.3.2 Use Performance Monitor
8.3.3 Performance Monitor Facts
8.3.4 Resource Monitor and Process Explorer
8.3.5 Use Task Manager
8.3.6 Resource Monitoring Tools Facts
8.3.7 Reliability Monitor and Action Center
8.3.8 Use Reliability Monitor
8.3.9 Reliability Monitor and Action Center Facts
8.4.1 Windows Admin Center and System Insights
q_reliab_mon_f_resource_mon_def_sha5.question.fex
Question 9:
Incorrect
In the Windows Action Center, notifications are provided for which of the following? (Select two.)
Answer
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Correct Answer:
Network firewall
Correct Answer:
Windows Defender
Software installation
System hibernation
Driver installation
Explanation
The Windows Action Center is a central location for managing system messages and resolving issues with your system. The Action Center sends a notification when the status of a monitored item changes.
Notifications are provided for the following:
Windows Defender
Network firewall
Windows Update
Internet security settings
Network firewall
Spyware protection
User Account Control (UAC)
Windows Backup
Windows troubleshooting
References
8.1.1 Event Viewer
8.3.1 Performance Monitoring
8.3.2 Use Performance Monitor
8.3.3 Performance Monitor Facts
8.3.4 Resource Monitor and Process Explorer
8.3.5 Use Task Manager
8.3.6 Resource Monitoring Tools Facts
8.3.7 Reliability Monitor and Action Center
8.3.8 Use Reliability Monitor
8.3.9 Reliability Monitor and Action Center Facts
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
8.4.1 Windows Admin Center and System Insights
q_reliab_mon_f_wac_notify_sha5.question.fex
Question 10:
Incorrect
Consider the Reliability Monitor output shown below.
Which status does the yellow triangle icon with an exclamation point represent?
Answer
Critical event
Crash
Correct Answer:
Warning
Information
Explanation
The reliability and problem history
chart in Reliability Monitor provides an overview of system stability in daily or weekly increments. On the chart:
Warning icons indicate a failure. These icons are yellow triangles with an exclamation point.
Information icons indicate a successful event. These icons are blue circles with the letter i.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Critical event icons indicate a failure. These icons are red circles with
the letter X.
References
8.1.1 Event Viewer
8.3.1 Performance Monitoring
8.3.2 Use Performance Monitor
8.3.3 Performance Monitor Facts
8.3.4 Resource Monitor and Process Explorer
8.3.5 Use Task Manager
8.3.6 Resource Monitoring Tools Facts
8.3.7 Reliability Monitor and Action Center
8.3.8 Use Reliability Monitor
8.3.9 Reliability Monitor and Action Center Facts
8.4.1 Windows Admin Center and System Insights
q_reliab_mon_f_yellow_triangle_sha5.question.fex
8.4.5
Question 1:
Incorrect
Your company wants to monitor their Azure VMs and collect data from the guest OS. Which Azure Monitor agent should they use?
Answer
Data Collection Rules
System Insights
Correct Answer:
Azure Diagnostics extension
Windows Admin Center
Explanation
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
The Azure Diagnostics extension is an agent in Azure Monitor that collects monitoring data from Azure guest OSs, such as VMs. It can send data to Azure Storage, Azure Monitor metrics, and third-party tools using Azure Event Hubs.
Windows Admin Center is a tool that collects and analyzes data from cloud-
based and on-premises Azure resources but is not an agent for Azure Monitor.
System Insights is a feature in Windows Server 2022 that uses machine learning to analyze data and provide predictive analysis of the local server's functioning, not specifically for Azure VMs.
Data Collection Rules determine the data collection process in Azure Monitor but are not an agent for collecting data from guest OSs.
References
8.4.1 Windows Admin Center and System Insights
8.4.3 Monitor by Using System Insights
8.4.4 Windows Admin Center and System Insights Facts
q_admin_service_insights_agent_sha5.question.fex
Question 2:
Incorrect
Which of the following can be used to create a new alert rule in the Azure Portal?
Answer
Correct Answer:
Monitor
> Alerts
> +Create
> Alert rule
Monitor
> Windows Admin Center
> +Create
> Alert rule
Monitor
> System Insights
> +Create
> Alert rule
Monitor
> Data Collection Rules
> +Create
> Alert rule
Explanation
To create a new alert rule using the Azure Portal, select Monitor
> Alerts
. From there, open the +Create
menu and select Alert rule
.
All other options are incorrect paths for creating a new alert rule in the Azure Portal.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
References
8.4.1 Windows Admin Center and System Insights
8.4.3 Monitor by Using System Insights
8.4.4 Windows Admin Center and System Insights Facts
q_admin_service_insights_alert_rule_sha5.question.fex
Question 3:
Incorrect
Which of the following is a type of alert that can be created using the Azure command line interface (CLI)?
Answer
Data Collection Rules
System Insights
Windows Admin Center
Correct Answer:
Metric
Explanation
Metric alerts can be created using the Azure command line interface (CLI) with the az monitor metrics alert create command.
Data Collection Rules are not types of alerts that can be created using the Azure CLI.
Windows Admin Center is a tool for managing Azure resources, not a type of alert that can be created using the Azure CLI.
System Insights is a feature in Windows Server 2022 that provides predictive analysis, not a type of alert that can be created using the Azure CLI.
References
8.4.1 Windows Admin Center and System Insights
8.4.3 Monitor by Using System Insights
8.4.4 Windows Admin Center and System Insights Facts
q_admin_service_insights_alert_sha5.question.fex
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Question 4:
Incorrect
Which of the following is a characteristic of Azure Monitor Alerts?
Answer
They specify what data is collected, how to transform it, and where to send it.
Correct Answer:
An alert rule monitors your data and grabs a signal that indicates something is
happening on a particular resource.
They are an agent that collects monitoring data from Azure guest OSs.
They provide predictive analysis of the local server's functioning.
Explanation
Azure Monitor Alerts use alert rules to monitor your data and grab signals that indicate something is happening on a particular resource. If the signal meets the criteria of the condition set for the alert, the alert triggers the associated action group and updates the state of the alert.
Providing predictive analysis of the local server's functioning is a feature of System Insights, not Azure Monitor Alerts.
Collecting monitoring data from Azure guest OSs is a function of the Azure Diagnostics extension, not Azure Monitor Alerts.
Specifying what data is collected, how to transform it, and where to send it are
characteristics of Data Collection Rules, not Azure Monitor Alerts.
References
8.4.1 Windows Admin Center and System Insights
8.4.3 Monitor by Using System Insights
8.4.4 Windows Admin Center and System Insights Facts
q_admin_service_insights_azure_monitor_alerts_sha5.question.fex
Question 5:
Incorrect
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Which of the following cmdlets can be used to create a log alert using PowerShell in Azure Monitor?
Answer
Set-AzDataCollectionRule
Add-AzMetricAlertRuleVZ
Set-AzActivityLogAlert
Correct Answer:
New-AzScheduledQueryRule
Explanation
To create a log alert using PowerShell in Azure Monitor, you can use the New-
AzScheduledQueryRule cmdlet.
Add-AzMetricAlertRuleVZ
is used to create a metric alert, not a log alert.
Set-AzActivityLogAlert
is used to create an activity alert, not a log alert.
Set-AzDataCollectionRule
is not a valid cmdlet for creating alerts in Azure Monitor.
References
8.4.1 Windows Admin Center and System Insights
8.4.3 Monitor by Using System Insights
8.4.4 Windows Admin Center and System Insights Facts
q_admin_service_insights_cmdlet_sha5.question.fex
Question 6:
Incorrect
Which of the following are characteristics of Data Collection Rules (DCRs) in Azure Monitor?
Answer
They are an agent that collects monitoring data from Azure guest OSs.
They are used to monitor and manage Azure VMs.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
They provide predictive analysis of the local server's functioning.
Correct Answer:
They specify what data is collected, how to transform it, and where to send it.
Explanation
Data Collection Rules (DCRs) determine the data collection process in Azure Monitor by specifying what data is collected, how to transform it, and where to send it.
Monitoring and managing Azure VMs is not a specific function of DCRs.
Providing predictive analysis of the local server's functioning is a feature of System Insights, not DCRs.
Collecting monitoring data from Azure guest OSs is a function of the Azure Diagnostics extension, not DCRs.
References
8.4.1 Windows Admin Center and System Insights
8.4.3 Monitor by Using System Insights
8.4.4 Windows Admin Center and System Insights Facts
q_admin_service_insights_dcr_sha5.question.fex
Question 7:
Incorrect
Which of the following is a simple indicator provided by System Insights in its analysis?
Answer
Data Collection Rules
Correct Answer:
OK
Monitor
Alert
Explanation
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
System Insights provides simple indicators in its analysis, such as OK (all is well; resources will not be exceeded).
An alert is not a simple indicator provided by System Insights.
Monitor is not a simple indicator provided by System Insights
Data Collection Rules are not simple indicators provided by System Insights.
References
8.4.1 Windows Admin Center and System Insights
8.4.3 Monitor by Using System Insights
8.4.4 Windows Admin Center and System Insights Facts
q_admin_service_insights_indicator_sha5.question.fex
Question 8:
Incorrect
What is the minimum amount of data collection time required for System Insights to start providing predictive analysis?
Answer
30 days
Correct Answer:
180 days
60 days
90 days
Explanation
The minimum amount of data collection time required for System Insights to start providing predictive analysis is 180 days.
30, 60, and 90 days are shorter time periods and not sufficient for System Insights to start providing predictive analysis.
References
8.4.1 Windows Admin Center and System Insights
8.4.3 Monitor by Using System Insights
8.4.4 Windows Admin Center and System Insights Facts
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
q_admin_service_insights_predictive_analysis_sha5.question.fex
Question 9:
Incorrect
Which of the following can be integrated with Windows Admin Center (WAC) to enable Azure Update Management and Azure Monitor for VMs?
Answer
Azure Diagnostics extension
Azure Monitor Alerts
System Insights
Correct Answer:
Azure Monitor
Explanation
Windows Admin Center (WAC) can integrate Azure Monitor to enable Azure Update Management and Azure Monitor for VMs.
Azure Monitor Alerts are used to detect and address issues early but do not enable Azure Update Management and Azure Monitor for VMs.
The Azure Diagnostics extension is an agent in Azure Monitor that collects monitoring data from Azure guest OSs, not for integration with WAC.
System Insights is a feature in Windows Server 2022 that provides predictive analysis of the local server's functioning, not for integration with WAC.
References
8.4.1 Windows Admin Center and System Insights
8.4.3 Monitor by Using System Insights
8.4.4 Windows Admin Center and System Insights Facts
q_admin_service_insights_wac_integration_sha5.question.fex
Question 10:
Incorrect
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
When implementing Windows Admin Center (WAC), which of the following can be configured to assign specific management functions?
Answer
Correct Answer:
Role-based access
System Insights
Azure Monitor Alerts
Data Collection Rules
Explanation
When implementing Windows Admin Center (WAC), you can configure role-
based access to assign specific management functions.
Data Collection Rules determine the data collection process in Azure Monitor but are not used to assign specific management functions in WAC.
Azure Monitor Alerts are used to detect and address issues early but are not used to assign specific management functions in WAC.
System Insights is a feature in Windows Server 2022 that provides predictive analysis but is not used to assign specific management functions in WAC.
References
8.4.1 Windows Admin Center and System Insights
8.4.2 Alerts with Windows Admin Center
q_admin_service_insights_wac_sha5.question.fex
8.5.8
Question 1:
Incorrect
What does Azure Monitor do once enough data is collected?
Answer
Correct Answer:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
It establishes a baseline and can be configured to automatically send emails when resources are reported or predicted to fall out of a healthy range.
It manages updates and patches for all servers from a central location.
It monitors server health and events, performance, and visualize apps, systems, services connected to the servers.
It gathers and sends data to different Azure services.
Explanation
Once enough data is collected, Azure Monitor will establish a baseline. From that, you can configure Azure Monitor to automatically send emails when resources are reported or predicted to fall out of a healthy range.
Managing updates is a function of Azure Update Management.
Monitoring server health and events, performance, visualize apps, systems, and services is a function of Azure Monitor for VMs.
Gathering and sending data to different Azure services is a feature of the Azure Diagnostics extension.
References
8.4.1 Windows Admin Center and System Insights
8.5.1 Azure Monitoring Services
8.5.2 Deploy Azure Monitor Agents
8.5.7 Azure Monitoring Services Facts
q_azure_monitoring_data_collected_sha5.question.fex
Question 2:
Incorrect
What is a requirement for installing and using the Azure Diagnostics extension?
Answer
Azure Update Management must be enabled.
Azure Monitor must be set up.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Correct Answer:
The VM and storage account must be in the same region.
The Diagnostics agent must be installed.
Explanation
One requirement for installing and using the Azure Diagnostics extension is that the VM and storage account must be in the same region.
All other options are not requirements.
References
8.4.1 Windows Admin Center and System Insights
8.5.1 Azure Monitoring Services
8.5.2 Deploy Azure Monitor Agents
8.5.7 Azure Monitoring Services Facts
q_azure_monitoring_diagnostics_sha5.question.fex
Question 3:
Incorrect
Which Azure feature is similar to Log Analytics but specifically designed for virtual machines, allowing data gathering and sending to different Azure services?
Answer
Azure DevOps
Azure Machine Learning
Azure Security Center
Correct Answer:
Azure Diagnostics extension
Explanation
The Azure Diagnostics extension is a feature specifically designed for Virtual Machines. It is similar to Log Analytics in its function but is tailored for VMs. This service allows the collection and sending of data to various Azure
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
services, enabling efficient monitoring and management of VMs in the Azure environment.
An example of some of the Azure services are:
Azure Monitor Metrics.
Autoscale.
Azure storage.
Third-party tools (through Azure Event Hub).
The other options, such as Azure Security Center, Azure Machine Learning, and Azure DevOps, serve different purposes and are not specifically designed
for data gathering and sending for VMs.
References
8.4.1 Windows Admin Center and System Insights
8.5.1 Azure Monitoring Services
8.5.2 Deploy Azure Monitor Agents
8.5.7 Azure Monitoring Services Facts
q_azure_monitoring_diag_ext_sha5.question.fex
Question 4:
Incorrect
What happens once VM Insights is set up and connected to your servers?
Answer
You can gather and send data to different Azure services.
Correct Answer:
You can configure data collection rules that determine the type of data collected and what to do with it.
You can configure Log Analytics Workspaces and assign network resources to
them.
You can manage updates and patches for all servers from a central location.
Explanation
Once VM Insights is set up and connected to your servers, you can configure data collection rules that determine the type of data collected and what to do with it.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Managing updates is a function of Azure Update Management.
Gathering and sending data to different Azure services is a function of the Azure Diagnostics extension.
Configuring Log Analytics Workspaces and assigning network resources is the
first step in using Azure Monitor.
References
8.4.1 Windows Admin Center and System Insights
8.5.1 Azure Monitoring Services
8.5.2 Deploy Azure Monitor Agents
8.5.7 Azure Monitoring Services Facts
q_azure_monitoring_insights_sha5.question.fex
Question 5:
Incorrect
What tool can be used to surpass some limitations of the Azure Diagnostics extension?
Answer
Azure Monitor for VMs
Azure Update Management
Microsoft Monitoring Agent
Correct Answer:
Log Analytics agent
Explanation
The Log Analytics agent can be used in conjunction with the Diagnostics agent to surpass some of its limitations.
All other options are incorrect because they are different tools with different purposes.
References
8.4.1 Windows Admin Center and System Insights
8.5.1 Azure Monitoring Services
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
8.5.2 Deploy Azure Monitor Agents
8.5.7 Azure Monitoring Services Facts
q_azure_monitoring_limitations_sha5.question.fex
Question 6:
Incorrect
What is the role of the Log Analytics agent in a hybrid resource setup?
Answer
It collects data from on-premises servers.
It manages the updates and patches for all servers.
Correct Answer:
It gathers data from hybrid resources and sends it to Log Analytics Workspace.
It monitors the server's health and events.
Explanation
A Log Analytics agent is installed that gathers data and sends it to the Log Analytics Workspace. It gathers data from hybrid resources and sends it to the
Log Analytics Workspace.
The other options are not the primary functions of the Log Analytics agent.
References
8.4.1 Windows Admin Center and System Insights
8.5.1 Azure Monitoring Services
8.5.2 Deploy Azure Monitor Agents
8.5.7 Azure Monitoring Services Facts
q_azure_monitoring_log_analytics_sha5.question.fex
Question 7:
Incorrect
What is the role of the Microsoft Monitoring Agent in on-premises servers?
Answer
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
It monitors server health and events, performance, visualize apps, systems, and services connected to the servers.
It manages updates and patches for all servers from a central location.
It gathers and sends data to different Azure services.
Correct Answer:
It collects and sends data to the workspace.
Explanation
For on-premises servers, the Microsoft Monitoring Agent is installed, which then collects and sends data to the workspace.
Managing updates is a function of Azure Update Management.
Monitoring server health and events, performance, visualize apps, systems, and services is a function of Azure Monitor for VMs.
Gathering and sending data to different Azure services is a function of the Azure Diagnostics extension.
References
8.4.1 Windows Admin Center and System Insights
8.5.1 Azure Monitoring Services
8.5.2 Deploy Azure Monitor Agents
8.5.7 Azure Monitoring Services Facts
q_azure_monitoring_on_premesis_sha5.question.fex
Question 8:
Incorrect
Azure Update Management is a feature of Azure Monitor. What is its main function?
Answer
It gathers data from hybrid resources and sends it to Log Analytics Workspace.
It collects and analyzes data from cloud-based and on-premises Azure resources.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
It monitors the server's health and events.
Correct Answer:
It manages the updates and patches for all servers from a central location.
Explanation
Azure Update Management allows you to manage the updates and patches for all your servers from a central location.
The other options are not the primary functions of Azure Update Management.
References
8.4.1 Windows Admin Center and System Insights
8.5.1 Azure Monitoring Services
8.5.2 Deploy Azure Monitor Agents
8.5.7 Azure Monitoring Services Facts
q_azure_monitoring_update_mgmt_sha5.question.fex
Question 9:
Incorrect
Azure Monitor is a tool used for managing hybrid networks. What is the first step to using Azure Monitor?
Answer
Correct Answer:
Configure Log Analytics Workspaces and assign network resources to those workspaces.
Install the Log Analytics agent.
Install the Microsoft Monitoring Agent.
Set up Azure Update Management.
Explanation
Configuring Log Analytics Workspaces and assigning network resources to those workspaces is the first step to using Azure Monitor.
The other options are steps that follow after this initial step.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
References
8.4.1 Windows Admin Center and System Insights
8.5.1 Azure Monitoring Services
8.5.2 Deploy Azure Monitor Agents
8.5.7 Azure Monitoring Services Facts
q_azure_monitoring_use_sha5.question.fex
Question 10:
Incorrect
You need to enable Azure Update Management and Azure Monitor for VMs. What tool can be integrated into Windows Admin Center to provide this functionality?
Answer
Azure Update Management
Correct Answer:
Azure Monitor
Log Analytics agent
Microsoft Monitoring Agent
Explanation
The Azure Monitor can be integrated into Windows Admin Center for greater functionality.
The other options are incorrect because they are different tools with different purposes.
References
8.4.1 Windows Admin Center and System Insights
8.5.1 Azure Monitoring Services
8.5.2 Deploy Azure Monitor Agents
8.5.7 Azure Monitoring Services Facts
q_azure_monitoring_wac_sha5.question.fex
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
8.6.11
Question 1:
Incorrect
Which of the following tools would you use to view the MAC addresses associated with IP addresses that the local workstation has contacted recently?
Answer
arping
SSH
Correct Answer:
arp
netstat
Explanation
Use the arp
command to view the MAC addresses associated with IP addresses that the local workstation has contacted recently. When a workstation uses ARP to find the MAC address of an IP address, it places that
information in its ARP table.
Use the arping
command to send an ARP request to a specified IP address. arping
works much like ping in that the host with the specified IP address responds.
netstat
shows IP-related statistics, including incoming and outgoing connections and active sessions, ports, and sockets.
SSH (Secure Shell) is a remote console that's similar to Telnet except that it uses encryption that hides certain information, such as user credentials, on the other end of the transmission.
References
8.6.1 Troubleshooting On-Premises Connectivity
8.6.2 Troubleshoot On-Premises Connectivity
8.6.3 Troubleshoot On-Premises Connectivity Facts
8.6.4 Troubleshoot On-Premises Connectivity
8.6.5 Troubleshoot DHCP and DNS
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
8.6.7 Troubleshoot DHCP and DNS Facts
q_trb_premise_connect_arp_sha5.question.fex
Question 2:
Incorrect
Which TCP/IP utility gives you the following output?
Answer
arp -a
netstat -a
Correct Answer:
ipconfig
ping
Explanation
The ipconfig command shows a computer's TCP/IP configuration information.
netstat -a
shows you the status of all connections and listening ports.
The ping
command shows you the results of four echo request/reply contacts with a destination host.
The arp -a
switch shows you the current ARP cache tables.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
References
8.6.1 Troubleshooting On-Premises Connectivity
8.6.2 Troubleshoot On-Premises Connectivity
8.6.3 Troubleshoot On-Premises Connectivity Facts
8.6.4 Troubleshoot On-Premises Connectivity
8.6.5 Troubleshoot DHCP and DNS
8.6.7 Troubleshoot DHCP and DNS Facts
q_trb_premise_connect_ipconfig_sha5.question.fex
Question 3:
Incorrect
Examine the following output:
Proto Local Address Foreign Address State
TCP SERVER1:1036 localhost:4832 TIME_WAIT
TCP SERVER1:4798 localhost:1032 TIME_WAIT
TCP SERVER1:1258 pool-141-150-16-231.mad.east.ttr:24076 CLOSE_WAIT
TCP SERVER1:2150 cpe-66-67-225-118.roc.res.rr.com:14100 ESTABLISHED
TCP SERVER1:268 C872c-032.cpe.net.cale.rers.com:46360 ESTABLISHED
TCP SERVER1:2995 ip68-97-96-186.ok.ok.cox.net:23135 ESTABLISHED
Which of the following utilities produced this output?
Answer
nslookup
dig
Correct Answer:
netstat
ifconfig
Explanation
The netstat
command produced the output. netstat
reports the TCP/IP ports open on the local system and identifies the protocol and remote host connected to that port. This information can be very useful when looking for
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
security weaknesses, as a TCP/IP port that's open to traffic unnecessarily represents a security risk.
ifconfig
is a tool used on Unix, Linux, and Macintosh systems to view the configuration of network interfaces, including TCP/IP network settings.
The dig
command allows you to perform manual DNS lookups from a Linux or
Unix system. This can be very useful when troubleshooting name resolution issues.
nslookup
allows you to perform manual DNS lookups from a Windows system.
References
8.6.1 Troubleshooting On-Premises Connectivity
8.6.2 Troubleshoot On-Premises Connectivity
8.6.3 Troubleshoot On-Premises Connectivity Facts
8.6.4 Troubleshoot On-Premises Connectivity
8.6.5 Troubleshoot DHCP and DNS
8.6.7 Troubleshoot DHCP and DNS Facts
q_trb_premise_connect_netstat_output_sha5.question.fex
Question 4:
Incorrect
Mary calls to tell you that she can't connect to an intranet server called WebSrv1. From her computer, you ping the server's IP address. The ping test is successful.
Which tool would you use on her workstation next to troubleshoot the problem?
Answer
Correct Answer:
nslookup
netstat
arp
tracert
Explanation
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Use nslookup to troubleshoot name resolution problems. Because the ping test was successful, you know that both the client and the server can communicate using TCP/IP with IP addresses. This tells you that the problem is related to name resolution.
Use tracert
to track the route that a packet takes as it crosses a network. You wouldn't typically use these commands to troubleshoot a name resolution problem, though they may be useful if you're unable to connect to the DNS server.
The arp
command displays a network host's MAC address.
netstat
is used to view protocol connections that have been established by the system as well as which incoming TCP/IP ports are in use by the system.
References
8.6.1 Troubleshooting On-Premises Connectivity
8.6.2 Troubleshoot On-Premises Connectivity
8.6.3 Troubleshoot On-Premises Connectivity Facts
8.6.4 Troubleshoot On-Premises Connectivity
8.6.5 Troubleshoot DHCP and DNS
8.6.7 Troubleshoot DHCP and DNS Facts
q_trb_premise_connect_nslookup_sha5.question.fex
Question 5:
Incorrect
Which TCP/IP utility gives the following output?
Answer
ifconfig
ipconfig
arp -a
Correct Answer:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
ping
Explanation
The ping command displays the results of four echo request/reply contacts with a destination host.
Use the ifconfig command to show you the TCP/IP configuration for a Linux computer.
ipconfig is a utility used to obtain TCP/IP configuration on Windows systems.
Use the arp
command to view the MAC addresses associated with IP addresses that the local workstation has contacted recently. The -a
switch shows current ARP cache tables.
References
8.6.1 Troubleshooting On-Premises Connectivity
8.6.2 Troubleshoot On-Premises Connectivity
8.6.3 Troubleshoot On-Premises Connectivity Facts
8.6.4 Troubleshoot On-Premises Connectivity
8.6.5 Troubleshoot DHCP and DNS
8.6.7 Troubleshoot DHCP and DNS Facts
q_trb_premise_connect_ping_output_sha5.question.fex
Question 6:
Incorrect
Which of the following utilities would you use to view the routing table?
Answer
dig
mtr
Correct Answer:
route
traceroute
tracert
Explanation
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Use the route
command to display the routing table contents and to add or remove static routes.
The tracert command uses ICMP packets to test connectivity between devices and display the path between them. Responses from each hop on the
route are measured three times to provide an accurate representation of how long a packet takes to reach and be returned by that host.
The mtr
command on Linux is a combination of the ping
and traceroute
commands.
The dig
command resolves (looks up) a hostname's IP address.
References
8.6.1 Troubleshooting On-Premises Connectivity
8.6.2 Troubleshoot On-Premises Connectivity
8.6.3 Troubleshoot On-Premises Connectivity Facts
8.6.4 Troubleshoot On-Premises Connectivity
8.6.5 Troubleshoot DHCP and DNS
8.6.7 Troubleshoot DHCP and DNS Facts
q_trb_premise_connect_route_sha5.question.fex
Question 7:
Incorrect
Which of the following commands should you use to check the route a packet takes between a workstation and the DNS server?
Answer
dig
ping
Correct Answer:
tracert
nslookup
Explanation
The tracert
command is used to test the route between a workstation and the DNS server. Running this command shows you each stop or hop a packet takes to reach its destination.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
ping
is used to test the connectivity between two devices, but it does not show the route the packet will take.
dig
is used to query a host. Dig does not show the route a packet will take.
nslookup
queries a host's IP address. It does not show the route a packet will
take.
References
8.6.1 Troubleshooting On-Premises Connectivity
8.6.2 Troubleshoot On-Premises Connectivity
8.6.3 Troubleshoot On-Premises Connectivity Facts
8.6.4 Troubleshoot On-Premises Connectivity
8.6.5 Troubleshoot DHCP and DNS
8.6.7 Troubleshoot DHCP and DNS Facts
q_trb_premise_connect_tracert_sha5.question.fex
Question 8:
Incorrect
Which of the following commands do you use to clear the local DNS cache?
Answer
dig -x
nslookup set type=PTR
Correct Answer:
ipconfig /flushdns
ipconfig /release
Explanation
You use the ipconfig /flushdns command to clear the local DNS cache. Local
computers have a cache of recently resolved DNS names that holds the names and matching IP addresses. This is the first place a computer looks to find a DNS name. If the host's IP address has changed, clearing the local DNS cache forces the record to be updated.
The ipconfig /release
command clears the current IP configuration. This does
not clear the local DNS cache.
The dig -x
command finds the hostname for the queried IP address.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
The nslookup set type=PTR
command specifies a computer name if the query is an IP address. Otherwise, it specifies the pointer to other information.
References
8.6.1 Troubleshooting On-Premises Connectivity
8.6.2 Troubleshoot On-Premises Connectivity
8.6.3 Troubleshoot On-Premises Connectivity Facts
8.6.4 Troubleshoot On-Premises Connectivity
8.6.5 Troubleshoot DHCP and DNS
8.6.7 Troubleshoot DHCP and DNS Facts
q_trb_dhcp_dns_cache_sha5.question.fex
Question 9:
Incorrect
Which of the following BEST describes DHCP scope exhaustion?
Answer
When an attacker adds a second DHCP server to a network and offers IP addresses to clients wanting to join the network.
Correct Answer:
A denial of service from a lack of IP addresses in a DHCP server's pool.
When a DHCP snooping technique is used to drop packets from untrusted DHCP servers.
When IP address lease times on a DHCP server are shortened.
Explanation
A denial of service from a lack of IP addresses in a DHCP server's pool is one form of DHCP scope exhaustion. Another form comes from inefficient IP address management in which the IP address pool is depleted faster than it can be refilled.
A rogue DCHP server occurs when an attacker adds a second DHCP server to a network and offers IP addresses to clients wanting to join the network. If the network administrator does not have control over a DHCP server, it is considered a rogue DHCP server.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Shortening IP address lease times on a DHCP server can help prevent DHCP scope exhaustion.
DHCP snooping techniques can help protect against rogue DHCP servers.
References
8.6.1 Troubleshooting On-Premises Connectivity
8.6.2 Troubleshoot On-Premises Connectivity
8.6.3 Troubleshoot On-Premises Connectivity Facts
8.6.4 Troubleshoot On-Premises Connectivity
8.6.5 Troubleshoot DHCP and DNS
8.6.7 Troubleshoot DHCP and DNS Facts
q_trb_dhcp_dns_exhaustion_sha5.question.fex
Question 10:
Incorrect
When troubleshooting Azure VPN connections, what does a certificate warning when running a health probe indicate?
Answer
The shared key does not match on both the on-premises device and the Azure VPN gateway.
The VPN client needs to be reinstalled.
Correct Answer:
The VPN is up and healthy
The VPN is down.
Explanation
If you get a certificate warning when running a health probe, this means the VPN is up and healthy.
A certificate warning when running a health probe does not indicate that the VPN is down.
A certificate warning when running a health probe does not indicate that the VPN client needs to be reinstalled.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
A certificate warning when running a health probe does not indicate that the shared key does not match on both the on-premises device and the Azure VPN gateway.
References
8.6.8 Troubleshooting Hybrid Networking
8.6.9 Troubleshoot Hybrid Network Connectivity
8.6.10 Troubleshoot Hybrid Network Connectivity Facts
q_hybrid_network_connect_cert_warning_sha5.question.fex
Question 11:
Incorrect
What is the primary function of Azure Network Watcher?
Answer
To reinstall the VPN client
Correct Answer:
To monitor and manage resources in the Azure virtual network
To run a health probe
To troubleshoot Azure VPN connections
Explanation
Azure Network Watcher is a utility that provides different tools to manage and monitor resources in the Azure virtual network. It helps identify the source of most issues in the network so you can more easily resolve them.
Azure Network Watcher does not directly troubleshoot Azure VPN connections
but provides tools that can assist in this process.
Reinstalling the VPN client is a troubleshooting step for Azure VPN connections, not a function of Azure Network Watcher.
Running a health probe is a method to check the site-to-site VPN connections,
not a primary function of Azure Network Watcher.
References
8.6.8 Troubleshooting Hybrid Networking
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
8.6.9 Troubleshoot Hybrid Network Connectivity
8.6.10 Troubleshoot Hybrid Network Connectivity Facts
q_hybrid_network_connect_purpose_sha5.question.fex
Question 12:
Incorrect
You are troubleshooting Azure VPN connections; when should the VPN client be reinstalled?
Answer
Correct Answer:
When the Azure virtual network undergoes any changes.
When the IP configurations, subnets, and virtual network address spaces on both ends are not properly configured.
When the VPN gateway is down
When the shared key does not match on both the on-premises device and the Azure VPN gateway.
Explanation
The VPN client is configured for the network topology at the time it was installed. So, whenever the Azure virtual network undergoes any changes, the
VPN client must be reinstalled to ensure users can access resources, have the latest certificates, and avoid any point-to-site communication problems.
If the VPN gateway is down, the VPN Troubleshooting utility in Network Watcher should be used to diagnose the issue.
If the shared key does not match on both the on-premises device and the Azure VPN gateway, the key should be corrected, not reinstall the VPN client.
If the IP configurations, subnets, and virtual network address spaces on both ends are not properly configured, they should be corrected, not reinstall the VPN client.
References
8.6.8 Troubleshooting Hybrid Networking
8.6.9 Troubleshoot Hybrid Network Connectivity
8.6.10 Troubleshoot Hybrid Network Connectivity Facts
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
q_hybrid_network_connect_vpn_sha5.question.fex
8.7.10
Question 1:
Incorrect
You are having an issue uploading a virtual machine that is too big for the amount of space available on your Azure server.
Which type of issue are you encountering?
Answer
Extension
Provisioning
Correct Answer:
Allocation
Booting
Explanation
Allocation issues usually happen when you upload a VM that is too big for the amount of storage space in your Azure server.
You can fix this by doing one of the following:
Add more storage to the server
Load the VM onto a different Azure region with more space
Reduce the size of the VM
Provisioning issues are normally associated with pushing an image from an Azure server to enrolled devices.
Extensions are small applications that provide additional features for VMs.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
In this scenario, you are experiencing a space allocation issue, not a booting issue.
References
8.7.1 Troubleshoot Windows Server VMs in Azure
8.7.2 Troubleshoot Deployment Failures
8.7.8 Troubleshoot Windows Server VMs in Azure Facts
q_trb_deploy_fail_allocation_sha5.question.fex
Question 2:
Incorrect
Which of the following is strongly recommended that you do to help resolve the most common issues with Azure virtual machine servers?
Answer
Add more storage space to the Azure server.
Use the Test Your Connection tool in the Azure portal.
Verify that RDAgent, Windows Azure Guest Agent, and Microsoft Azure Telemetry Service are running.
Correct Answer:
Enable the boot diagnostics feature by default on every Azure server.
Explanation
You should enable the boot diagnostics feature by default on every Azure server to resolve the most common issues with Azure virtual machine servers.
Through the Azure portal you can then access the server log files and the screenshots of the last startup attempt. You can use them to figure out what went wrong and fix it.
You should verify that RDAgent, Windows Azure Guest Agent, and Microsoft Azure Telemetry Service are all running if you are having issues with extensions to a virtual machine image.
You should add more storage space to the Azure server if you have allocation issues for uploading virtual machine images.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
When managing VMs, you usually use RDP or SSH protocols. To troubleshoot
connection problems involving these protocols, use the Test Your Connection tool in the Azure portal.
References
2.1.5 Malware Protection Facts
8.7.1 Troubleshoot Windows Server VMs in Azure
8.7.3 Troubleshoot Booting Failures
8.7.8 Troubleshoot Windows Server VMs in Azure Facts
8.7.9 Troubleshoot Booting Failures
q_trb_deploy_fail_boot_diagnostics_sha5.question.fex
Question 3:
Incorrect
You are managing your Azure virtual machine servers using an SSH protocol. However, you recently started having connection issues. You switched to using an RDP protocol, but the issues persist.
Which of the following are troubleshooting steps you should take to try and resolve the connection issues? (Select two.)
Answer
Make sure the boot diagnostics feature is enabled by default on the Azure servers.
Make sure the Key Vault is in the same region and subscription as the Azure servers.
Check the storage tier plan to ensure that the maximum number of Azure server drives is not exceeded.
Correct Answer:
Check that you are using the right username and password.
Correct Answer:
Use the Test Your Connection tool in the Azure portal.
Explanation
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Whether you are using an RDP or SSH protocol to connect to an Azure server,
you can begin to troubleshoot any connection problems by doing the following:
Check that you are using the right username and password.
Use the Test Your Connection tool in the Azure portal.
Making sure the Key Vault is in the same region and subscription as the Azure
server is a troubleshooting step for resolving issues with Azure Disk Encryption (ADE).
If you get an error when attaching more disks to the VM, you should double-
check the storage tier plan to ensure the maximum number of drives is not exceeded. However, this is not a connection issue tied to the RDP and SSH protocols.
Making sure the boot diagnostics feature is enabled by default on the Azure server is a troubleshooting step when trying to resolve booting and performance issues.
References
8.7.1 Troubleshoot Windows Server VMs in Azure
8.7.7 Troubleshoot VM Connection Issues
8.7.8 Troubleshoot Windows Server VMs in Azure Facts
q_trb_deploy_fail_connectivity_sha5.question.fex
Question 4:
Incorrect
You have enabled Azure Disk Encryption (ADE) on an Azure server virtual data disk that stores sensitive company information.
Recently, you have made several configuration changes in Azure, and now you are having encryption issues on the data disk.
Which of the following should you do to help resolve the encryption issues?
Answer
Make sure you are using the right username and password.
Correct Answer:
Make sure the Key Vault is in the same region and subscription as the Azure server virtual machine.
Make sure you are using Generation 2 for the Azure server virtual machine.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Make sure that the boot diagnostics feature is enabled by default on the Azure
server.
Explanation
Many issues involving encryption occur because the VM cannot access the Key Vault due to a configuration change. When encryption issues happen, make sure that the Key Vault is in the same region and subscription as the Azure server.
Checking for the correct username and password is part of the troubleshooting process for working with connectivity issues. It rarely impacts troubleshooting encryption issues.
Checking to make sure you are using Generation 2 is related to troubleshooting storage issues on an OS disk.
Checking to make sure that the boot diagnostics feature is enabled is part of the procedure for resolving most common booting issues with an OS disk.
References
8.7.1 Troubleshoot Windows Server VMs in Azure
8.7.6 Troubleshoot Disk Encryption Issues
8.7.8 Troubleshoot Windows Server VMs in Azure Facts
q_trb_deploy_fail_encryption_issue_sha5.question.fex
Question 5:
Incorrect
You are having issues with your Azure virtual machine extensions working properly.
Which of the following services should you check to ensure the virtual machine agents are running? (Select three.)
Answer
Boot Diagnostics
Correct Answer:
Windows Azure Guest Agent
BitLocker for Windows
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Azure Disk Encryption (ADE)
Correct Answer:
Microsoft Azure Telemetry Service
Azure Bastion
Correct Answer:
RDAgent
Explanation
When troubleshooting Azure virtual machine extensions, you should first verify
that the following services are all running as the VM agents need them to run:
RDAgent
Windows Azure Guest Agent
Microsoft Azure Telemetry Service
Azure Disk Encryption (ADE) is an extra safety measure to protect data inside
an Azure virtual machine. It is not required for an extension to run properly.
While the boot diagnostics feature should be enabled by default on every Azure virtual machine to help with troubleshooting boot issues, it is not required for an extension to run properly.
BitLocker for Windows is a virtual machine used by Azure Disk Encryption (ADE).
When having issues with SSH or RDP connectivity to an Azure virtual machine (VM), you can implement Azure Bastion to act as a middle-man between the client and the VM so the VM isn't directly accessible from the internet.
References
8.7.1 Troubleshoot Windows Server VMs in Azure
8.7.5 Troubleshoot VM Extension Issues
8.7.8 Troubleshoot Windows Server VMs in Azure Facts
q_trb_deploy_fail_extensions_sha5.question.fex
Question 6:
Incorrect
As a systems engineer for a large financial company, you have uploaded a generalized Windows image that you want to deploy to all company Windows
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
laptops in the Marketing department currently enrolled in Azure AD on an Azure server.
However, as soon as you begin the deployment process, you receive a timeout error, and the virtual machine image gets stuck at the Out Of Box Experience screen.
Which of the following is MOST likely causing this issue?
Answer
The virtual machine image is too large for the storage space available on the Azure server.
Correct Answer:
You have uploaded the generalized image as a specialized image to the Azure
server.
Not all the required services are running for the virtual machine agent.
The maximum number of virtual machine data disks has been exceeded.
Explanation
If you upload or capture a generalized image as a specialized image (or vice versa), you'll get a provisioning timeout, and the VM will get stuck at the Out Of Box Experience screen. This is the most likely cause of the deployment issue.
If the virtual machine image was too large for the storage space available on the Azure server, you would not have been able to upload the image.
Issues with the VM agent result in virtual machine extensions not running properly. A virtual machine extension is a small application that provides additional features for the virtual machine.
If the maximum number of virtual machine data disks has been exceeded, you
are dealing with a storage problem, not a provisioning problem that would cause the deployment process to time out and get stuck at the Out Of Box Experience screen.
References
8.7.1 Troubleshoot Windows Server VMs in Azure
8.7.2 Troubleshoot Deployment Failures
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
8.7.8 Troubleshoot Windows Server VMs in Azure Facts
q_trb_deploy_fail_generalized_image_sha5.htm.question.fex
Question 7:
Incorrect
Which of the following is used by Azure Disk Encryption (ADE) to store and manage encryption keys?
Answer
Correct Answer:
Azure Key Vault
Microsoft Azure Telemetry Service
Test Your Connection
BitLocker
Explanation
ADE encryption keys are stored and managed by Azure Key Vault. The Vault allows ADE to access and use the keys as needed.
While ADE uses BitLocker for Windows VMs and DM-Crypt for Linux VMs, these are not tools used for storing and managing encryption keys.
Test Your Connection is a tool in the Azure portal to help resolve connectivity issues using the RDP or SSH protocols.
Microsoft Azure Telemetry Service is one of the services that need to be running for Azure virtual machine extensions to work properly.
References
8.7.1 Troubleshoot Windows Server VMs in Azure
8.7.6 Troubleshoot Disk Encryption Issues
8.7.8 Troubleshoot Windows Server VMs in Azure Facts
q_trb_deploy_fail_key_vault_sha5.question.fex
Question 8:
Incorrect
You are working with an Azure server virtual disk with Azure Disk Encryption enabled and are attempting to do the following:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Extend the disk
Increase the disk size to 5 gigabytes
However, you are having issues completing both of these tasks.
What type of virtual disk are you MOST likely working with?
Select the correct answer from the drop-down list.
incorrect answer. Correct Answer:OS disk
Explanation
For OS disks, the maximum size for this type of disk is 4,095 gigabytes. In addition, you cannot extend this disk if Azure Disk Encryption is enabled.
Data disks and temporary disks are not restricted by a 4,095 gigabyte restriction and are not impacted by having Azure Disk Encryption enabled.
References
8.7.1 Troubleshoot Windows Server VMs in Azure
8.7.8 Troubleshoot Windows Server VMs in Azure Facts
q_trb_deploy_fail_os_disk_sha5.question.fex
Question 9:
Incorrect
You are working with an Azure server and keeping critical data on one of the virtual disks. The server is scheduled for a planned preventive maintenance procedure.
After the procedure is completed, you check the Azure server and notice that the data on the virtual disk is completely wiped out.
What type of virtual disk are you MOST likely using to store the critical data?
Select the correct answer from the drop-down list.
incorrect answer. Correct Answer:Temporary disk
Explanation
Temporary disks should only be used for short-term storage and definitely not for critical data, as all data on the disk is wiped out during every Azure maintenance event.
You do not need to worry about data being wiped out on an OS or Data disk during a maintenance event.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
References
8.7.1 Troubleshoot Windows Server VMs in Azure
8.7.8 Troubleshoot Windows Server VMs in Azure Facts
q_trb_deploy_fail_temp_disk_sha5.question.fex
Question 10:
Incorrect
There are times when traditional troubleshooting methods for resolving an Azure virtual machine issue do not work. In these instances, you can follow additional steps to help resolve that issue.
From the left, drag a step to the right and place it in the correct order to complete the additional steps to resolve the issue.
Step 1
correct answer:
Take a snapshot of the problematic VM.
Step 2
correct answer:
Create a new disk using the snapshot.
Step 3
correct answer:
Attach the new disk to a special recovery VM.
Step 4
correct answer:
Run the tools in the recovery VM.
Step 5
correct answer:
Swap out the bad disk for the newly-fixed one.
Step 6
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
correct answer:
Start the VM back up.
Keyboard Instructions
Explanation
In some rare cases, traditional troubleshooting methods do not work. In such instances, do the following in order:
Take a snapshot of the problematic VM.
Create a new disk using that snapshot.
Attach the new disk to a special recovery VM containing multiple repair tools for Azure VMs.
Run the tools in the recovery VM to fix the boot issues of the problematic VM.
Swap out the bad disk for the newly fixed one.
Start the VM back up.
References
8.7.1 Troubleshoot Windows Server VMs in Azure
8.7.4 Troubleshoot VM Performance Issues
8.7.8 Troubleshoot Windows Server VMs in Azure Facts
q_trb_deploy_fail_unsolvable_steps_sha5.question.fex
8.8.9
Question 1:
Incorrect
When troubleshooting on-premises Active Directory issues, which of the following would you use to check the health of a specific domain controller?
Answer
Dsquery
Correct Answer:
DCDiag
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Dsmgmt
Dsget
Explanation
DCDiag
is used to check the health of a specific domain controller.
Dsquery
is used to locate objects in the directory using search criteria.
Dsmgmt
is used to manage AD DS, such as FSMO roles.
Dsget
is used to view the properties of a specific directory object.
References
8.8.1 Troubleshoot Active Directory
8.8.7 Troubleshoot On-Premises Active Directory
8.8.8 Troubleshoot Active Directory Facts
q_trb_act_dir_dcdiag_sha5.question.fex
Question 2:
Incorrect
After performing maintenance on an Azure VM domain controller, it was discovered that some user objects were missing attributes. In order to restore the user objects to their previous state, which of the following actions would you take first?
Answer
Boot the domain controller and use the AD Recycle Bin to recover the attributes.
Restore the Azure VM using Azure Backup.
Correct Answer:
Boot into Directory Services Restore Mode (DSRM).
Recover using Azure Kubernetes Service backup.
Explanation
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
The first action would be to boot the DC into Directory Services Restore Mode
(DSRM).
Since the objects are missing attributes, the object would not have been deleted, and using AD Recycle Bin is not an option.
Restoring the Azure VM would not be the first action to take.
Recovering using Azure Kubernetes Service backup is irrelevant to this scenario and would not be used.
References
8.8.1 Troubleshoot Active Directory
8.8.3 Use Directory Services Restore Mode
8.8.8 Troubleshoot Active Directory Facts
q_trb_act_dir_dsrm_sha5.question.fex
Question 3:
Incorrect
The Knowledge Consistency Checker (KCC) is a built-in process that runs on all domain controllers and generates replication paths for the Active Directory forest.
Which of the following statements about KCC is correct?
Answer
KCC is responsible for assigning FSMO roles.
Correct Answer:
KCC generates replication paths every 15 minutes.
KCC is used to create and manage Group Policy Objects.
KCC only runs on the primary domain controller.
Explanation
The Knowledge Consistency Checker (KCC) is a built-in process that runs on all domain controllers and generates replication paths for the Active Directory forest. By default, it runs every 15 minutes to adjust the topology for any changes that occur in the network, such as when domain controllers are added or removed.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
KCC runs on all domain controllers, not just the primary domain controller.
KCC is not responsible for assigning Flexible Single Master Operations (FSMO) roles.
KCC is not used to create and manage Group Policy Objects (GPOs).
References
8.8.1 Troubleshoot Active Directory
8.8.5 Troubleshoot Active Directory Replication
8.8.8 Troubleshoot Active Directory Facts
q_trb_act_dir_kcc_sha5.question.fex
Question 4:
Incorrect
Users are having issues authenticating, and you suspect that password hash synchronization is the issue in your hybrid server environment.
Which of the following would you launch as part of the troubleshooting process?
Answer
Set-ADSyncScheduler -SyncCycleEnabled $false
Synchronization Service Manager
Correct Answer:
Azure AD Connect wizard
Active Directory Users and Computers
Explanation
Azure AD Connect wizard is launched as part of the troubleshooting process for password hash synchronization issues.
Active Directory Users and Computers is used to manage users, groups, computers, and all other directory objects. It does not provide the needed functionality to troubleshoot the issue.
Synchronization Service Manager is used to manage advanced sync engine configurations and is not needed in this scenario.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Set-ADSyncScheduler -SyncCycleEnabled $false
disables the sync scheduler and would not be used in this scenario.
References
8.8.1 Troubleshoot Active Directory
8.8.6 Troubleshoot Hybrid Authentication Issues
8.8.8 Troubleshoot Active Directory Facts
q_trb_act_dir_password_hash_sync_sha5.question.fex
Question 5:
Incorrect
An administrator has detected that changes to some objects in Active Directory don't exist on all domain controllers. You decide to troubleshoot Active Directory Domain Services (AD DS) replication.
Which of the following commands would show the replication status?
Answer
repadmin -showobjmeta
Correct Answer:
repadmin -showrepl
repadmin -prp
repadmin -kcc
Explanation
repadmin -showrepl
shows replication traffic and status.
repadmin -kcc
forces KCC to recalculate a domain controller's inbound replication paths.
repadmin -prp
specifies the Password Replication Policy (PRP) for RODCs.
repadmin -showobjmeta
shows replication data for a specific object in the database.
References
8.8.1 Troubleshoot Active Directory
8.8.5 Troubleshoot Active Directory Replication
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
8.8.8 Troubleshoot Active Directory Facts
q_trb_act_dir_repadmin_sha5.question.fex
Question 6:
Incorrect
A junior administrator deleted the wrong user account.
Which of the following can be used to restore the deleted user account?
Answer
System Restore
Only using a third-party tool
Correct Answer:
Active Directory Recycle Bin
System Configuration Utility
Explanation
The Active Directory Recycle Bin feature is a part of Active Directory Domain Services (AD DS) that allows you to restore deleted objects such as user accounts and computers.
System Restore is used to revert the computer's state, such as system files, installed applications, and system settings. It is not used to restore deleted user accounts.
The System Configuration Utility, also known as msconfig, is a troubleshooting
tool used to manage the startup process of a Windows computer. It does not provide the capability to restore deleted AD user accounts.
Only using a third-party tool is not correct because AD supports multiple methods to restore a deleted user account.
References
8.8.1 Troubleshoot Active Directory
8.8.2 Restore Objects from AD Recycle Bin
8.8.8 Troubleshoot Active Directory Facts
q_trb_act_dir_restore_objects_sha5.question.fex
Question 7:
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Incorrect
Snapshots of the Active Directory database can be used to create a point-in-
time copy of the database.
Which of the following utilities provides this functionality?
Answer
dsmod.exe
repadmin.exe
Correct Answer:
ntdsutil.exe
dsrm.exe
Explanation
ntdsutil.exe
is used to take snapshots of the AD database.
repadmin.exe
is used to monitor and troubleshoot AD replication.
dsmod.exe
is used to modify objects in the directory.
dsrm.exe
is used to delete an object from the directory.
References
8.8.1 Troubleshoot Active Directory
8.8.3 Use Directory Services Restore Mode
8.8.8 Troubleshoot Active Directory Facts
q_trb_act_dir_snapshots_sha5.question.fex
Question 8:
Incorrect
A domain controller must have a properly shared and replicating SYSVOL in order to function.
Which services should be running to provide this functionality? (Select two.)
Answer
Correct Answer:
Netlogon
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Volume Shadow Copy
Application Host Helper Service
Encrypting File System (EFS)
Correct Answer:
DFS Replication
Explanation
The DFS Replication and Netlogon services should be started and running.
All other services listed are not required for the proper functioning of the SYSVOL.
References
8.8.1 Troubleshoot Active Directory
8.8.4 Recover SYSVOL
8.8.8 Troubleshoot Active Directory Facts
q_trb_act_dir_sysvol_req_services_sha5.question.fex
Question 9:
Incorrect
During some recent maintenance on a domain controller, some of the tasks failed, and now the SYSVOL is no longer replicating. A domain controller must
have a properly shared and replicating SYSVOL in order to function.
Which of the following actions should you take to resolve the problem?
Answer
Duplicate the SYSVOL folder to a replication partner and restart AD DS in normal mode.
Remove all replication partners and add them back.
Correct Answer:
Rebuild the SYSVOL.
Make sure DFS Replication Services is running.
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Explanation
The SYSVOL would need to be rebuilt.
Removing all the replication partners and adding them back would not resolve
the issue.
DFS Replication Service should be stopped during a SYSVOL rebuild.
Duplicating the SYSVOL folder can be done from a healthy replication partner and not vice versa. This is part of the SYSVOL rebuild process.
References
8.8.1 Troubleshoot Active Directory
8.8.4 Recover SYSVOL
8.8.8 Troubleshoot Active Directory Facts
q_trb_act_dir_sysvol_sha5.question.fex
Question 10:
Incorrect
When an Active Directory object is deleted on Windows Server 2008 R2 or newer, the object still exists in the AD Recycle Bin.
What determines how long the object will remain in the AD Recycle Bin?
Answer
The objects are retained for 28 days.
Correct Answer:
The tombstone lifetime has not been exceeded.
The objects are retained for 14 days.
The object will stay indefinitely or until the recycle bin is manually emptied.
Explanation
As long as the object's tombstone lifetime has not been exceeded, the object will be available for recovery in the AD Recycle Bin.
The other options are incorrect and do not apply to the AD Recycle Bin.
References
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
8.8.1 Troubleshoot Active Directory
8.8.2 Restore Objects from AD Recycle Bin
8.8.8 Troubleshoot Active Directory Facts
q_trb_act_dir_tombstone_sha5.question.fex
Your preview ends here
Eager to read complete document? Join bartleby learn and gain access to the full version
- Access to all documents
- Unlimited textbook solutions
- 24/7 expert homework help
Related Documents
Recommended textbooks for you
Microsoft Windows 10 Comprehensive 2019
Computer Science
ISBN:9780357392607
Author:FREUND
Publisher:Cengage
A+ Guide To It Technical Support
Computer Science
ISBN:9780357108291
Author:ANDREWS, Jean.
Publisher:Cengage,
Systems Architecture
Computer Science
ISBN:9781305080195
Author:Stephen D. Burd
Publisher:Cengage Learning
COMPREHENSIVE MICROSOFT OFFICE 365 EXCE
Computer Science
ISBN:9780357392676
Author:FREUND, Steven
Publisher:CENGAGE L
Np Ms Office 365/Excel 2016 I Ntermed
Computer Science
ISBN:9781337508841
Author:Carey
Publisher:Cengage
Recommended textbooks for you
- Microsoft Windows 10 Comprehensive 2019Computer ScienceISBN:9780357392607Author:FREUNDPublisher:CengageA+ Guide To It Technical SupportComputer ScienceISBN:9780357108291Author:ANDREWS, Jean.Publisher:Cengage,Systems ArchitectureComputer ScienceISBN:9781305080195Author:Stephen D. BurdPublisher:Cengage Learning
- COMPREHENSIVE MICROSOFT OFFICE 365 EXCEComputer ScienceISBN:9780357392676Author:FREUND, StevenPublisher:CENGAGE LNp Ms Office 365/Excel 2016 I NtermedComputer ScienceISBN:9781337508841Author:CareyPublisher:Cengage
Microsoft Windows 10 Comprehensive 2019
Computer Science
ISBN:9780357392607
Author:FREUND
Publisher:Cengage
A+ Guide To It Technical Support
Computer Science
ISBN:9780357108291
Author:ANDREWS, Jean.
Publisher:Cengage,
Systems Architecture
Computer Science
ISBN:9781305080195
Author:Stephen D. Burd
Publisher:Cengage Learning
COMPREHENSIVE MICROSOFT OFFICE 365 EXCE
Computer Science
ISBN:9780357392676
Author:FREUND, Steven
Publisher:CENGAGE L
Np Ms Office 365/Excel 2016 I Ntermed
Computer Science
ISBN:9781337508841
Author:Carey
Publisher:Cengage