Which tool should you use?
Your network contains 200 servers that run Windows Server 2008 R2.
You need to archive the Security log for each server on a daily basis.
Which tool should you use?
What should you do?
Your network consists of a single Active Directory domain. All servers run Windows Server 2008 R2. You have a server named Server1 that hosts shared documents. Users report extremely slow response times when they try to open the shared documents on Server1. You log on to Server1 and observe real-time data indicating that the processor is operating at 100 percent of capacity.
You need to gather additional data to diagnose the cause of the problem.
What should you do?
What should you do?
Your company has a network that has 100 servers. You install a new server that runs Windows Server 2008 R2. The server has the Web Server (IIS) server role installed. After a week, you discover that the Reliability Monitor has no data, and that the Systems Stability chart has never been updated.
You need to configure the server to collect the Reliability Monitor data.
What should you do?
What should you do next?
Your company has a network that has 100 servers. A server named Server1 is configured as a file server. Server1 is connected to a SAN and has 15 logical drives. You want to automatically run a data archiving script if the free space on any of the logical drives is below 30 percent.
You need to automate the script execution.
You create a new Data Collector Set. What should you do next?
Which event log should you select?
Your company has an Active Directory domain that has two domain controllers named DC1 and DC2. You prepare both servers to support event subscriptions. On DC1, you create a new default subscription for DC2.
You need to review system events for DC2.
Which event log should you select?
Which two actions should you perform?
Your company has a main office and a branch office. The branch office has three servers that run a Server Core installation of Windows Server 2008 R2. The servers are named Server1, Server2, and Server3. You want to configure the Event Logs subscription on Server1 to collect events from Server2 and Server3. You discover that you cannot create a subscription on Server1 from another computer.
You need to configure a subscription on Server1.
Which two actions should you perform? (Each correct answer presents part of the solution. Choose two.)
Which tool should you use?
Your network contains a server that runs Windows Server 2008 R2. You plan to create a custom script.
You need to ensure that each time the script runs, an entry is added to the Application event log.
Which tool should you use?
Which tool should you use?
Your network contains 100 servers that run Windows Server 2008 R2. A server named Server1 is deployed on the network. Server1 will be used to collect events from the Security event logs of the other servers on the network.
You need to define the Custom Event Delivery Optimization settings on Server1.
Which tool should you use?
What should you do?
You perform a security audit of a server named DC1. You install the Microsoft Network Monitor 3.0 application on DC1. You plan to capture all the LDAP traffic that comes to and goes from the server between 20:00 and 07:00 the next day and save it to the E:data.cap file. You create a scheduled task. You add a new Start a program action to the task.
You need to add the application name and the application arguments to the new action.
What should you do?
What should you do?
You perform a security audit on a server named Server1. You install the Microsoft Network Monitor 3.0 application on Server1. You find that only some of the captured frames display host mnemonic names in the Source column and the Destination column. All other frames display IP addresses.
You need to display mnemonic host names instead of IP addresses for all the frames.
What should you do?