PrepAway - Latest Free Exam Questions & Answers

Category: 70-660

Exam 70-660: TS: Windows Internals

Which of the following tools should be used?

You are the IT professional who work in an International company named Wiikigo. You are experienced in troubleshooting operating systems and applications that are not working correctly, identifying code defects and so on. You have enough knowledge on windows internals and you provide technical support for the company. For a hardware device, you are developing a Windows device driver. You will install the device driver and hardware device on computers that run Windows Server 2008. Now you have to find out the amount of time that the processor uses to receive and process interrupts. Which of the following tools should be used?

So which of the following tools should be used?

You are the IT professional who work in an International company named Wiikigo. You are experienced in troubleshooting operating systems and applications that are not working correctly, identifying code defects and so on. You have enough knowledge on windows internals and you provide technical support for the company. There is a colleague named Jason in the company. He has a computer named C01. C01 runs Windows Vista. He finds that a service process is using 100 percent of the processor. He has to force a process dump of the service, meanwhile the service is consuming 100 percent of the processor. He has no idea about which tool he should use. Since you are the technical support, he asks for your answer. So which of the following tools should be used?

Which synchronization primitive should be used?

You are the IT professional who work in an International company named Wiikigo. You are experienced in troubleshooting operating systems and applications that are not working correctly, identifying code defects and so on. You have enough knowledge on windows internals and you provide technical support for the company. According to the company requirement, a user mode application is being developed by you. Two processes are contained in this application. The two processes need to be allowed to synchronize access to a shared data area. Which synchronization primitive should be used?

Of the following tolls, which one should be used?

You are the IT professional who work in an International company named Wiikigo. You are experienced in troubleshooting operating systems and applications that are not working correctly, identifying code defects and so on. You have enough knowledge on windows internals and you provide technical support for the company. You are in charge of an application service. Because of heap corruption, it crashes intermittently. When it occurs, you have to detect the heap corruption. Of the following tolls, which one should be used?

Which IRQ Level (IRQL) should be used?

You are the IT professional who work in an International company named Wiikigo. You are experienced in troubleshooting operating systems and applications that are not working correctly, identifying code defects and so on. You have enough knowledge on windows internals and you provide technical support for the company. For Windows XP, a device driver is created by you. This device driver runs on uniprocessor systems only. A system thread and a deferred procedure call (DPC) are created by the driver. The DPC is invoked by a repeating timer. Both the thread and the DPC must process entries from the same work queue. You must make sure that the system thread and the DPC are synchronized. Which IRQ Level (IRQL) should be used?

Of the following WinDbg commands, which one should be used?

You are the IT professional who work in an International company named Wiikigo. You are experienced in troubleshooting operating systems and applications that are not working correctly, identifying code defects and so on. You have enough knowledge on windows internals and you provide technical support for the company. There is a colleague named Jason in the company. He has a computer which is named C01. Windows Server 2003 x64 Edition is run by C01. Now the computer crashes. After he opens the crash dump file, he finds that an illegal instruction exception has been caused by a kernel-mode device driver. Since you are the technical support, he asks you to find out whether the device driver is corrupt. Of the following WinDbg commands, which one should be used?

Of the following WinDbg commands, which one should be used?

You are the IT professional who work in an International company named Wiikigo. You are experienced in troubleshooting operating systems and applications that are not working correctly, identifying code defects and so on. You have enough knowledge on windows internals and you provide technical support for the company. There is a computer named C02 in the company.

Windows Server 2008 is run by this computer. You find that most of the CPU time is used by the LSASS process. On the computer, a complete memory dump file is generated by you. You have to view the kernel-mode and user-mode stacks of all threads in the LSASS process. Of the following WinDbg commands, which one should be used?

So which of the following tools should be used?

You are the IT professional who work in an International company named Wiikigo. You are experienced in troubleshooting operating systems and applications that are not working correctly, identifying code defects and so on. You have enough knowledge on windows internals and you provide technical support for the company. There is a colleague named Jason in the company. He has a file server that runs Windows Server 2003. The file server often stops responding after he receives the following error message in the event log. Error: 2019: The server was unable to allocate from the system nonpaged pool because the pool was empty. He has to find out which kernel driver is depleting all memory in the system nonpaged pool. But he has no idea about which tool he should use. Since you are the technical support, he asks for your answer. So which of the following tools should be used?

How many threads does the semaphore currently have waiting?

You are the IT professional who work in an International company named Wiikigo. You are experienced in troubleshooting operating systems and applications that are not working correctly, identifying code defects and so on. You have enough knowledge on windows internals and you provide technical support for the company. According to the company requirement, you are debugging a Windows device driver. An unexpectedly long delay occurs on the device driver. You locate the problem in the following synchronization mechanism.

kd> dt var_sema

Local var @ 0xf9dfbc48 Type _KSEMAPHORE

+0x000 Header : _DISPATCHER_HEADER

+0x010 Limit : 2

kd> dt nt!_DISPATCHER_HEADER f9dfbc48

+0x000 Type : 0x5 ”

+0x001 Absolute : 0xe6 ”

+0x002 Size : 0x5 ”

+0x003 Inserted : 0xbb ”

+0x004 SignalState : 0

+0x008 WaitListHead : _LIST_ENTRY [ 0x819ca438 – 0x819ca438 ]

kd> dt nt!_KWAIT_BLOCK 0x819ca438

+0x000 WaitListEntry : _LIST_ENTRY [ 0xf9dfbc50 – 0xf9dfbc50 ]

+0x008 Thread : 0x819ca3c8 _KTHREAD

+0x00c Object : 0xf9dfbc48

+0x010 NextWaitBlock : 0x819ca480 _KWAIT_BLOCK

+0x014 WaitKey : 0

+0x016 WaitType : 1

kd> dt nt!_KWAIT_BLOCK 0xf9dfbc50

+0x000 WaitListEntry : _LIST_ENTRY [ 0x819ca438 – 0x819ca438 ]

+0x008 Thread : 0x00000002 _KTHREAD

+0x00c Object : 0xfd050f80

+0x010 NextWaitBlock : 0xffffffff _KWAIT_BLOCK

+0x014 WaitKey : 0

+0x016 WaitType : 0

You have to find out the number of threads that the semaphore currently has waiting. How many threads does the semaphore currently have waiting?

Which synchronization primitive should be used?

You are the IT professional who work in an International company named Wiikigo. You are experienced in troubleshooting operating systems and applications that are not working correctly, identifying code defects and so on. You have enough knowledge on windows internals and you provide technical support for the company. According to the company requirement, a user mode application is being developed by you. Two processes are contained in this application. The two processes need to be allowed to synchronize access to a shared data area. Which synchronization primitive should be used?


Page 1 of 612345...Last »