Of the following WinDbg commands, which one should be used?
You are the IT professional who work in an International company named Wiikigo. You are experienced in troubleshooting operating systems and applications that are not working correctly, identifying code defects and so on. You have enough knowledge on windows internals and you provide technical support for the company. There is a computer named C02 in the company.
Windows Server 2008 is run by C02. The computer crashes every week and a complete memory dump is created. The !analyze command is run from WinDbg by you and get the following output:
Bad_Pool_Header 0x0000000019 (0x0000000020, 0xa34583b8, 0xa34584f0, 0x0a270001)
You need to identify the pool tag that is associated with the Bad_Pool_Header pool allocation. Of the following WinDbg commands, which one should be used?
In order to achieve this goal, what action should be performed?
You are responsible for the company network and provide technical support for your company. You are in charge of offering service for a customer named Alex. You collect the following information from a customer: From this customer, you collect information about all proof of licenses (POLs), hardware and software inventory. This customer owns two Microsoft Office products. One is Office Standard Edition 2003 that has Microsoft Software Assurance, the other one is Office Standard Edition 2007 that is currently used on all desktop computers. Since you can provide technical support, the customer asks you to make sure that his Office licenses are valid. In order to achieve this goal, what action should be performed?
What action should you perform?
You are the IT professional who work in an International company named Wiikigo. You are experienced in troubleshooting operating systems and applications that are not working correctly, identifying code defects and so on. You have enough knowledge on windows internals and you provide technical support for the company. There is a colleague named Jason in the company. He has a computer which runs Windows Vista. The computer has the kernel debugging option enabled. A partial checked build of the kernel (ntoskrnl.chk) and the HAL (halacpi.chk) need to be loaded from
the debug target. But he is not clear about what to do. Since you are the technical support, he asks for your help. What action should you perform?
So what action should you perform?
You are the IT professional who work in an International company named Wiikigo. You are experienced in troubleshooting operating systems and applications that are not working correctly, identifying code defects and so on. You have enough knowledge on windows internals and you provide technical support for the company. You are in charge of an application named MyApp. This application fails sometimes and displays the following exception code: 0xC0000005 According to the indication of the call stack, MyApp fails in different locations including ntdll.dll and MyApp.exe. The functions main and doRealWork are always included in the stack trace always. You review the source code for MyApp.exe and find the following code snippet:
#include <string.h>
#include <stdio.h>
extern void doRealWork(char *);
char * myfunc(char *);
void main(int argc,char *argv[])
{
char * szLocalBuffer;
szLocalBuffer = myfunc(“Data Pay load”);
if (!szLocalBuffer)
{
printf(“a failure has occured\r\n”);
}
else
{
doRealWork(szLocalBuffer);
}
}
char * myfunc(char *szData)
{
char *szBuffer;
szBuffer=(char*)malloc(10);
if(szBuffer)
{
sprintf(szBuffer,”The data passed to this function was %s”,szData);
return szBuffer;
}
else
{
return NULL;
}
}
In the above code, you resolve the error. You find that MyApp.exe continues to fail with the same call stacks. You have to find out what is causing the application to fail. So what action should you perform?
Which data fields must be used?
You are responsible for the company network and provide technical support for your company. You are in charge of offering service for a customer named Alex. There is an Active Directory and Microsoft System Center Configuration Manager (CfgMgr)for him. Since you provide technical support, you are asked to find out which data fields must be used to create a baseline hardware inventory report by using Active Directory and CfgMgr. Which data fields must be used?
So what is the physical address?
You are the IT professional who work in an International company named Wiikigo. You are experienced in troubleshooting operating systems and applications that are not working correctly, identifying code defects and so on. You have enough knowledge on windows internals and you provide technical support for the company. For a hardware device, you are debugging a device driver.
You run !pte 2652b8 from WinDbg and get the following output:
VA 002652b8
PDE at 00000000C0600008 PTE at 00000000C0001328
contains 00000000006CB067 contains 800000000C20F067
pfn 6cb —DA–UWEV pfn c20f —DA–UW-V
You need to find out physical address for the virtual address 002652b8. So what is the physical address?
So of the following data fields, which one should be identified?
You are responsible for the company network and provide technical support for your company. You are in charge of offering service for a customer named Alex. According to the requirement of Alex, you attempt to reconcile a software entitlement for him. This morning you get two reports from Alex. One is about Microsoft License Statement (MLS) and the other one is about reseller purchase history. In these two reports, both of product description and purchase order number and date are contained. Now the customer requires that an additional data field should be added to the two reports. So of the following data fields, which one should be identified?
So what action should you perform?
You are the IT professional who work in an International company named Wiikigo. You are experienced in troubleshooting operating systems and applications that are not working correctly, identifying code defects and so on. You have enough knowledge on windows internals and you provide technical support for the company. There is a colleague named Jason in the company. He has a computer which is named C01. Windows Server 2003 is run by C01. A service named Service01 has been installed on C01. Service01 plays the role of a shared process and it is hosted by the generic host process svchost.exe. Now Service01 needs to be an isolated process. Since you are the technical support, he asks you to achieve this for him. So what action should you perform?
So what action should be performed to improve the software acquisition policy?
You are responsible for the company network and provide technical support for your company. There is a software acquisition policy in your company. According to that policy, you should make sure that purchasing must be kept centralized and the receiving must be kept managed. Now you get an order from the CIO, according to his requirements, the software acquisition policy should be improved. So what action should be performed to improve the software acquisition policy?
So of the following Perfmon counters, which should be used? (choose more than one)
You are the IT professional who work in an International company named Wiikigo. You are experienced in troubleshooting operating systems and applications that are not working correctly, identifying code defects and so on. You have enough knowledge on windows internals and you provide technical support for the company. You have a colleague named Jason in the sales department. He has a computer which is named C01. Windows Server 2003 is run by C01. He finds that the total kernel-mode CPU time for all processes is 60 percent, and the total kernel-mode CPU time for the processor is 80 percent. He wants to find out what is using the rest 20 percent of the kernel-mode CPU time. Since you are the technical support, he asks for your help. So of the following Perfmon counters, which should be used? (choose more than one)