In Windows Server 2008, which statement about filtering security events in Event Viewer is true?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $25.99Unlock all

Prepare for the Longhorn Server Training Test with our quiz. Study with flashcards and multiple choice questions. Each question includes hints and explanations to enhance your learning experience. Get ready to ace your exam!

Multiple Choice

In Windows Server 2008, which statement about filtering security events in Event Viewer is true?

Explanation:
Filtering in Event Viewer works by letting you target exactly the events you care about using multiple criteria. For security events, you can specify the log name (the Security log) and narrow down to specific event IDs that correspond to the activity you’re investigating. In Windows Server 2008, you can open Filter Current Log or create a Custom View, choose the Security log, and enter one or more event IDs (for example, logon success or failure IDs). You can also layer on other filters like date range, level, source, or keywords, but the key point is that you’re not limited to a single log or a single criterion—you can filter security events by log name and by event IDs to focus on precisely those events of interest. That ability to combine log name with event IDs is what makes this option correct. The other statements are inaccurate because you can view the Security log, you can filter by event IDs, and you’re not limited to filtering only by date.

Filtering in Event Viewer works by letting you target exactly the events you care about using multiple criteria. For security events, you can specify the log name (the Security log) and narrow down to specific event IDs that correspond to the activity you’re investigating. In Windows Server 2008, you can open Filter Current Log or create a Custom View, choose the Security log, and enter one or more event IDs (for example, logon success or failure IDs). You can also layer on other filters like date range, level, source, or keywords, but the key point is that you’re not limited to a single log or a single criterion—you can filter security events by log name and by event IDs to focus on precisely those events of interest.

That ability to combine log name with event IDs is what makes this option correct. The other statements are inaccurate because you can view the Security log, you can filter by event IDs, and you’re not limited to filtering only by date.

More Multiple Choice Questions
Subscribe

Get the latest from Passetra

You can unsubscribe at any time. Read our privacy policy