CHP10
Where would you find files related to logon and logoff scripts in an Active Directory environment? C:\Windows\NTDS %systemroot%\SYSVOL %Windir%\ntds.dit C:\Windows\edb.log
%systemroot%\SYSVOL
Which subtype of the Applications and Services logs in Event Viewer is hidden and disabled by default? -Choose all that apply. Analytic Admin Debug Operational
Analytic Debug
An alert in Performance Monitor can write an event to which log? Security System Application Error
Application
You need to allow a junior administrator named jradmin to perform backup operations on a server named DataServ1. You don't want to give jradmin broader rights or permissions on the server, and this user shouldn't be able to restore files. What should you do? Add jradmin to the Backup Operators group. Add jradmin to the Server Operators group. Assign jradmin the Back up files and directories right. Add jradmin to the Allow list in the Software Restrictions policy.
Assign jradmin the Back up files and directories right.
Which of the following counters refers to the quantity of disk read and write operations that are waiting to be serviced? Average Disk Queue Length Disk Bytes/sec % Disk Time % Idle Time
Average Disk Queue Length
What should you do to get a better idea of normal and abnormal system performance on your network? Talk to your users every day Create a baseline by recording monitor sessions at random times for later comparison Watch for certain thresholds to be exceeded Create a baseline by recording monitor sessions at peak and off-peak times for later comparison
Create a baseline by recording monitor sessions at peak and off-peak times for later comparison
Which of the following logs in Event Viewer do you use to create an event subscription? System Forwarded Events Security Setup
Forwarded Events
Which of the following backup types should be performed on a Hyper-V host server to include the Hyper-V role, Hyper-V settings, and all the virtual machine settings and their guest OS and data? -Choose all that apply. System state Full server Bare metal recovery System checkpoint
Full server Bare metal recovery
Performance Monitor displays statistics in which of the following formats? -Choose all that apply. Pie chart Histogram Report Line graph
Histogram Report Line graph
You have noticed that your system's performance has been degrading when running multiple applications on your server. You suspect that your system does not have enough memory to support the current workloads and is resolving too many hard page faults. Which memory counter would be the best counter to investigate to confirm your analysis? Paging File: % Usage Memory: Available MBytes Memory: Pages/sec Memory: Interrupts/sec
Memory: Pages/sec
You have a domain controller that suffered a system crash, and you have to perform a full server recovery. You have two other DCs on the network, and they have been working fine during the two days the DC was offline. What type of Active Directory restore should you perform? Authoritative restore Shadow copy restore Nonauthoritative restore Bare metal recovery
Nonauthoritative restore
In addition to monitoring system resources, you can do which of the following with Resource Monitor? -Choose all that apply. Review and close processes that have stopped responding Delete files Control services See what files are in use by applications
Review and close processes that have stopped responding Control services See what files are in use by applications
Which item is not included in a system state backup of a member server? Boot files The Registry SYSVOL Windows system files
SYSVOL
What feature can you enable in Windows Server 2016 to reduce the need to perform restore operations from a backup for files? Shadow copies FSRM Disk quotas Windows RE
Shadow copies
You can save event log information as a file in which format? -Choose all that apply. Event log file format Log file format Tab delimited Comma delimited
Tab delimited Event log file format Comma delimited
Which of the following situations typically require the availability of a backup created by Windows Server Backup? -Choose all that apply. You need continuous availability of a network service. There's been accidental deletion of folders or files. You need to fail over to a replica VM. A server's registry appears to be corrupted.
There's been accidental deletion of folders or files A server's registry appears to be corrupted.
Which of the following is true about a scheduled backup? You can create a separate schedule for each type of backup you want to perform. You can specify a destination disk that's dedicated to backup jobs. Only one backup set is stored on the destination. You can't use a network share as the destination for a scheduled backup.
You can specify a destination disk that's dedicated to backup jobs.
Which specific command-line tool will allow you to manage and back up IIS configuration files? appcmd.exe resmon.exe msconfig.exe ntdsutil.exe
appcmd.exe
Within the NTDS file folder located in %systemroot%, which file is considered the main Active Directory database? edb.dit addb.dit edb.log ntds.dit
ntds.dit
What command-line program should you use to revert a volume to an existing shadow copy? diskpart Start-Backup wbadmin vssadmin
vssadmin
Which of the following commands will allow you to back up the Registry, boot files, the Active Directory database, and the SYSVOL folder? robocopy C:\Windows wbadmin start systemstatebackup backup %systemroot% -selectsystemstate ntdsutil create snapshot -source C:\Windows\ntds
wbadmin start systemstatebackup
