Microsoft Windows Server Troubleshooting

26. September 2016 Microsoft, Study Guides 0
Microsoft Windows Server Troubleshooting


Troubleshooting requires technical skills and an understanding of processes and procedures. Processes and procedures are often documented as troubleshooting methodologies. You may develop your own methodology over time, or you can use existing methodologies that have been tested and proven by other organizations. The Information Technology Infrastructure Library (ITIL) provides documents that include troubleshooting best practices. Windows Server includes several tools that can be used for troubleshooting, including the Task Manager, Performance Monitor, Resource Monitor, and Event Viewer.


  • Using the Event Viewer, filter the Application log to show only Critical-level and Error-level events.
  • Use the Performance Monitor to view the live statistics for the Bytes Total/sec counter in the Network Interface group.
  • Launch the Notepad application, and then use the Task Manager to kill its process.
  • Use the ping command to test connectivity to

Answers for Exercises

  • Open the Event Viewer, and then perform the following:
    • 1. Right-click on the Application log.
    • 2. Select Filter Current Log.
    • 3. In the Filter Current Log dialog, select only the Critical and Error levels, and click OK.
  • Open the Performance Monitor, and then follow these steps:
    • 1. Select the Performance Monitor node in the left pane.
    • 2. Click on the green plus sign (+) to add a new counter.
    • 3. In the Add Counters dialog, scroll through the Available Counter list until you see one labeled Network Interface.
    • 4. Click the plus sign (+) to the right of the Network Interface group to expand the list.
    • 5. Select the Bytes Total/sec counter and click the Add button.
    • 6. Click OK.
  • Open Notepad, and then follow these steps:
    • 1. Press Ctrl+Shift+Esc to open the Task Manager.
    • 2. On the Applications tab, right-click the Untitled – Notepad application.
    • 3. Select End Task.
  • Open a Command Prompt window. Execute the command ping and view the results.


  • 1. What shortcut key combination is used to open the Task Manager?
    • A. Ctrl+Esc
    • B. Ctrl+T
    • C. Ctrl+Shift+Esc
    • D. Alt+T
  • 2. True or false: The ITIL defines an incident and a problem differently.
  • 3. You experience the following symptoms: corrupted display and system crashes. Which one of the following hardware items has most likely failed?
    • A. Disk
    • B. CPU
    • C. Memory
    • D. Display adapter
  • 4. Name an OSI model layer that may be evaluated during the troubleshooting process for network problems?
  • 5. What event log severity level includes entries always indicating an unrecoverable problem?
    • A. Errors
    • B. Warning
    • C. Critical
    • D. Information
  • 6. Define ITIL.
  • 7. Define Event Viewer.
  • 8. What can be used to limit the event log entries displayed in the Event Viewer?
    • A. Performance counters
    • B. Event subscriptions
    • C. Event filtering
    • D. Task Manager
  • 9. Which one of the following is used to kill tasks running on a Windows machine?
    • A. Task Manager
    • B. Performance Monitor
    • C. Event Viewer
    • D. ARP
  • 10. True or false: Networking problems are always constrained to the server machine.

Answers for Review Questions

  • 1. C You can press Ctrl+Shift+Esc to open the Task Manager. This is much faster than the other methods available for accessing it.
  • 2. True According to ITIL, an incident is an event that is not part of standard operations and that may cause an interruption or a reduction in the quality of a service. The problem is the underlying cause of the incident.
  • 3. D Because display corruption is occurring, this is most likely the display adapter. It could also be the system board, which was not mentioned as an optional answer.
  • 4. Physical, Data Link, Network, Transport, Session, Presentation, Application. Although the chapter focused on the lower three, any layer can be evaluated in the troubleshooting process.
  • 5. C The Critical level indicates that a failure has occurred and the application or components could not automatically recover.
  • 6. The Information Technology Infrastructure Library (ITIL) is a set of documents that define best practices for technology management.
  • 7. An application used to view, search, filter, and manage event logs in Windows operating systems.
  • 8. C Event filtering is used to limit the event log entries to those that come from a specific source, have a specific level of severity, or were created within a specified date range among other things.
  • 9. A The Task Manager can be used to kill running tasks. You can also use the taskkill command form the Command Prompt.
  • 10. False Networking problems can occur anywhere in the chain from the server to the accessing client. Switches can fail, routers can fail, and network cabling can fail.

Leave a Reply

Your email address will not be published. Required fields are marked *