Chapter 11
Network Performance and Recovery
Applying Concepts: Explore Event Viewer in Windows
In this project, you will use the Event Viewer application to explore the event log on a
computer running Windows 10. Ideally, the computer will have been used for a while, so
the event log contains several entries. It need not be connected to a network. However,
you must be logged on to the computer as a user with administrator privileges.
2. The Event Viewer window opens, with three panes as shown in Figure 11-3. The
center pane lists a summary of administrative events. Notice that events are classified
into several types, which might include Critical, Error, Warning, Information, Audit
Success and, in some cases, Audit Failure. The number of events that have been
logged in each category is listed to the right of the classification entry. How many
Critical and Error events has your workstation logged in the last 24 hours? In the last
seven days?
3. If your workstation has logged any critical or error events in the past seven days, click
the plus sign next to the event type. A list of events appears. (If you do not have any
4. Notice that each event log entry is identified by an Event ID, its source, and the type
of log on which it’s recorded. (Event Viewer’s default screen lists entries for all types
of logs kept by the Windows operating system.) Scroll through the entries until you
find one that was logged by System (if possible, one that has occurred more than
once in the past seven days). Double-click that entry to read more about it. The
Summary page events pane appears in the center of the Event Viewer display (see
Figure 11-4).
5. Notice when these errors were recorded. On the General tab in the lower portion of
the middle pane, read a detailed description of the error you chose to view. If you
were a network manager, would you choose to be alerted whenever this error
occurred on a workstation or server? Why or why not?
6. Now click Windows Logs in the left pane of the Event Viewer display to view the
different types of logs about Windows events. The Windows Logs listing appears in
the center pane, as shown in Figure 11-5.
7. Which of the five logs has recorded the highest number of events? How large is that
log file?
8. Suppose you want to limit the size of the system log. Right-click the System entry in
9. The Log Properties – System (Type: Administrative) dialog box opens. Next to the
10. Click OK to save your change. If you receive a message that indicates your current
log’s size exceeds the maximum limit you just entered, click OK to accept the
In Hands-On Project 11-1, you’ll learn how to work with the data collected in Windows
event logs.
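The same review can be scripted, which is how event logs are usually checked across many machines. The following PowerShell is an added example, not part of the chapter's project: it tallies events by level for the last 24 hours and the last seven days, lists System errors that recur, and reports the record count and size of each of the five Windows logs. It only reads; it does not change any log setting.

```powershell
# Added example, not from the chapter. Run in an elevated PowerShell session:
# reading the Security log requires administrator rights.
$logs   = 'Application', 'Security', 'Setup', 'System', 'ForwardedEvents'   # the five Windows Logs
$levels = [ordered]@{ Critical = 1; Error = 2; Warning = 3 }               # standard event levels
$now    = Get-Date

function Get-EventCount {
    param([string[]]$LogName, [int]$Level, [datetime]$Since)
    # Get-WinEvent reports an error when nothing matches; suppress it and count what returns.
    $filter = @{ LogName = $LogName; Level = $Level; StartTime = $Since }
    @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue).Count
}

# Steps 2-3: events per level in the last 24 hours and the last seven days.
$summary = foreach ($name in $levels.Keys) {
    [pscustomobject]@{
        Level   = $name
        Last24h = Get-EventCount -LogName $logs -Level $levels[$name] -Since ($now.AddHours(-24))
        Last7d  = Get-EventCount -LogName $logs -Level $levels[$name] -Since ($now.AddDays(-7))
    }
}
$summary | Format-Table -AutoSize

# Steps 4-5: Critical/Error entries in the System log that occurred more than once
# in the past seven days, grouped by source and Event ID.
$recent = @{ LogName = 'System'; Level = 1, 2; StartTime = $now.AddDays(-7) }
Get-WinEvent -FilterHashtable $recent -ErrorAction SilentlyContinue |
    Group-Object ProviderName, Id |
    Where-Object Count -gt 1 |
    Sort-Object Count -Descending |
    Select-Object -First 10 Count, Name |
    Format-Table -AutoSize

# Steps 6-7: record count, current size and configured maximum for each Windows log.
Get-WinEvent -ListLog $logs |
    Sort-Object RecordCount -Descending |
    Select-Object LogName, RecordCount,
        @{ n = 'SizeMB'; e = { [math]::Round($_.FileSize / 1MB, 1) } },
        @{ n = 'MaxMB';  e = { [math]::Round($_.MaximumSizeInBytes / 1MB, 1) } },
        LogMode |
    Format-Table -AutoSize
```

The LogMode column shows what happens when a log reaches its maximum size; a small log in Circular mode overwrites its oldest entries, which matters if the log is later needed for an investigation.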
Applying Concepts: Add a Virtual IP Address to Windows 10
You can add multiple virtual IP addresses to a Windows computer. This is not the same
use case as previously described with load balancing. Instead, it might be used to assign a
different IP address to multiple instances of the same service running on a single
machine. For example, you might have three different websites running on one machine,
and each website would need its own IP address. To see how to add multiple IP addresses
to one network adapter on a Windows computer, complete the following steps:
1. Use Command Prompt to determine your computer’s current IP address, subnet
mask, and default gateway. What information did you find?
2. Open the Network and Sharing Center. Click Change adapter settings.
3. Open the properties box for the active network connection. Then open the
properties box for TCP/IPv4.
4. Configure a static IP address using the information you gathered in Step 1. Do not
5. On the IP Settings tab, under IP addresses, click Add, as shown in Figure 11-18.
Enter a second IP address in the same subnet as the original IP address and using
the same default gateway. Click Add.
6. Click OK three times, and close all open windows except Command Prompt. Run
ipconfig again to determine your current IP addresses, subnet mask, and
default gateway. What information is reported this time?
7. Ping your VIP. Was it successful?
8. If you have another computer on this subnet, ping each of the first computer’s two
IP addresses from the other computer. Are the pings successful? Why do you
think this is?
9. What steps do you need to take to return your computer to the IP configuration it
had when you started? If desired, do this now.
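The steps above can also be carried out from PowerShell. This is an added example, not part of the chapter; the adapter name Ethernet and the address 192.168.1.50 are constructed placeholders to be replaced with values from your own subnet, and it assumes the adapter already has the static address configured in Step 4.

```powershell
# Added example, not from the chapter. Run in an elevated PowerShell session.
# Assumptions: adapter alias 'Ethernet'; 192.168.1.50 is a constructed sample address.
$alias    = 'Ethernet'
$secondIp = '192.168.1.50'

# Steps 1 and 4: confirm the adapter already holds a static (Manual) IPv4 address.
$primary = Get-NetIPAddress -InterfaceAlias $alias -AddressFamily IPv4 |
    Where-Object PrefixOrigin -eq 'Manual' |
    Select-Object -First 1
if (-not $primary) {
    throw "No static IPv4 address on '$alias'; complete Step 4 first."
}

# Guard against a duplicate address. A reply proves the address is taken;
# no reply is not proof that it is free, because hosts may block ICMP.
if (Test-Connection -ComputerName $secondIp -Count 1 -Quiet) {
    throw "$secondIp already answers on this subnet; choose another address."
}

# Step 5: add the second address with the same prefix length as the first.
# No gateway is passed: the adapter's existing default route is reused.
New-NetIPAddress -InterfaceAlias $alias -IPAddress $secondIp `
    -PrefixLength $primary.PrefixLength | Out-Null

# Step 6: list every IPv4 address now bound to the adapter.
Get-NetIPAddress -InterfaceAlias $alias -AddressFamily IPv4 |
    Format-Table IPAddress, PrefixLength, PrefixOrigin, AddressState -AutoSize

# Step 7: ping the new address.
Test-Connection -ComputerName $secondIp -Count 2

# To remove only the address added by this script:
# Remove-NetIPAddress -InterfaceAlias $alias -IPAddress $secondIp -Confirm:$false
```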
Review Questions
1. While troubleshooting a recurring problem on your network, you will want to
examine the TCP messages being exchanged between a server and a client. Which
tool should you use?
a. Spiceworks
b. Wireshark
c. Packet Tracer
d. VirtualBox
2. One of your coworkers downloaded several very large video files for a special
project she’s working on for a new client. When you run your network monitor
later this afternoon, what list will your coworker’s computer likely show up on?
a. Top talkers
b. Top listeners
c. Giants
d. Jabbers
3. What command requests the next record in an SNMP log?
a. SNMP Get Request
b. SNMP Get Next
c. SNMP Trap
d. SNMP Get Response
4. What port do SNMP agents listen on?
a. Port 161
b. Port 21
c. Port 162
d. Port 20
5. Your roommate has been hogging the bandwidth on your router lately. What
feature should you configure on the router to limit the amount of bandwidth his
computer can utilize at any one time?
a. Power management
b. Port forwarding
c. Port mirroring
d. Traffic shaping
6. What field in an IPv4 packet is altered to prioritize video streaming traffic over
web surfing traffic?
a. Traffic Class
b. Priority Code Point
c. Time to Live
d. DiffServ
7. When shopping for a new router, what does the MTBF tell you?
a. How long until that device fails
b. How much it will cost to repair that device
c. How long devices like this one will last on average until the next failure
d. How long it will usually take to repair that device
8. Which of the following features of a network connection between a switch and
server is not improved by link aggregation?
a. Bandwidth
b. Fault tolerance
c. Speed
d. Availability
9. Which power backup method will continually provide power to a server if the
power goes out during a thunderstorm?
a. Online UPS
b. Generator
c. Dual power supplies
d. Standby UPS
10. Which type of disaster recovery site contains all the equipment you would need to
get up and running again after a disaster, and yet would require several weeks to
implement?
a. Warm site
b. Standby site
c. Hot site
d. Cold site
11. When you arrive at work one morning, your inbox is full of messages
complaining of a network slowdown. You collect a capture from your network
monitor. What can you compare it to in order to determine what has changed?
12. What file must be accessed in order to analyze SNMP logs?
13. What kinds of alerts can you program your network monitor to send to IT staff
when it detects specific, problematic conditions?
14. Which QoS technique operates at Layer 2 to more efficiently route Ethernet
traffic between VLANs?
15. Which fields are modified in IPv4 and IPv6 packets to help prioritize traffic for
QoS?
16. What protocol is most often used to bond ports between a switch and a busy
server?
17. What type of adapters are required on servers in an FCoE storage network?
18. Why might you want to install two power supplies in a critical server?
19. What are the two main categories of UPSes?
20. What is the primary goal of disaster recovery?
Hands-On Projects
Project 11-1: Work with Data in Event Viewer
In this chapter, you learned how to access and view event log information through the
Event Viewer application in Windows 10. In this project, you will practice filtering the
information contained in the log.
As in the “Applying Concepts: Explore Event Viewer in Windows” project, you need a
computer running Windows 10. Ideally, it should be a computer that has been used for a
while, so that the event log contains several entries. It need not be connected to a
network. However, you must be logged on to the computer as a user with administrator
privileges. Finally, you need to know your SMTP server information.
1. Open Event Viewer. In the left pane, click the Custom Views arrow and then click
2. Suppose you want to find out whether your workstation has ever experienced trouble
4. What is the first DHCP-related event you find? When did it occur? What was the
source of this event? Read the description of the event in the General tab to learn
more about it. Note: If the computer did not find a DHCP event, first make sure the
topmost record is selected before beginning your search to ensure that all the records
are searched. If a DHCP event is still not found, search for a different kind of event
such as DNS or Service Control Manager. Otherwise, choose another event at
random.
5. Click Cancel to close the Find dialog box. Keep the event listing that you found
highlighted.
6. Now suppose you want to be notified each time your workstation experiences this
error. In the Actions pane, click Attach Task To This Event. The Create Basic Task
Wizard dialog box opens.
7. In the Name text box, replace the default text with DHCP_my_computer, as shown
in Figure 11-33, or some other text appropriate for the type of event you’re saving.
Click Next to continue.
8. You’re prompted to confirm the Log, Source, and Event ID for this error. Click Next
to continue. You’re prompted to indicate the type of action the operating system
9. Now you are asked to provide information about the program you want the system to
open. Click the Browse button and find the Cmd.exe file; it should be located in the