What should you do to configure the event collection and event forwarding?

You are the newly appointed enterprise administrator at Domain.com. The Domain.com network consists of a single Active Directory domain named Domain.com. All servers on the Domain.com network run Windows Server 2008.
Domain.com contains two servers named CERTKILLER-SR11 and CERTKILLER-SR12. CERTKILLER-SR11 is used to collect all the events. You have also configured the required event subscriptions to collect events from CERTKILLER-SR12 which will be then transferred to CERTKILLER-SR11. However, none of the subscriptions works. You need to configure the event collection and event forwarding.
What should you do? (Choose THREE. Each answer forms part of the solution.)

You are the newly appointed enterprise administrator at Domain.com. The Domain.com network consists of a single Active Directory domain named Domain.com. All servers on the Domain.com network run Windows Server 2008.
Domain.com contains two servers named CERTKILLER-SR11 and CERTKILLER-SR12. CERTKILLER-SR11 is used to collect all the events. You have also configured the required event subscriptions to collect events from CERTKILLER-SR12 which will be then transferred to CERTKILLER-SR11. However, none of the subscriptions works. You need to configure the event collection and event forwarding.

What should you do? (Choose THREE. Each answer forms part of the solution.)

A.
The best option is to execute the winrm quickconfig command on CERTKILLER-SR12.

B.
The best option is to execute the wecutil qc command on CERTKILLER-SR12.

C.
The best option is to add the CERTKILLER-SR11 account to the Administrators group on CERTKILLER-SR12.

D.
The best option is to execute the winrm quickconfig command on CERTKILLER-SR11.

E.
The best option is to add the CERTKILLER-SR12 account to the Administrators group on CERTKILLER-SR11.

F.
The best option is to execute the wecutil qc command on CERTKILLER-SR11.

Explanation:

The Normal subscriptions work only in Workgroup environment. So this subscription will not work. You need to add CERTKILLER-SR11 account to the Administrators group on CERTKILLER- SR12. This will allow you to configure the event collection and event forwarding on CERTKILLER- SR11 and CERTKILLER-SR12. You need use the winrm quickconfig command, because the server is part of the Active Directory (AD). To set up the source system to accept WS- Management requests from other systems you need to type y followed with Enter to make the
modifications. You need to repeat the WinRM command to control bandwidth usage or latency of the event forwarding process. You should also use the wecutil qc command and use the y followed with Enter to make the changes. This will configure the Windows Event Collector service to delayed autostart and start the service.

Reference : Collect Vista Events
http://www.prismmicrosys.com/newsletters_june2007.php

Show Hint

Leave a Reply 1

Your email address will not be published. Required fields are marked *