Monitoring Servers

Practice Labs Module
Time
1 hour
Difficulty
Intermediate

The "Monitor Servers" module provides you with the instruction and server hardware to develop your hands on skills in the defined topics. This module includes the following exercises: Create Data Collector Sets, Configure Event Subscription.

Join over 3 million cybersecurity professionals advancing their career
Sign up with
or

Already have an account? Sign In »

Overview

Introduction

The Monitor Servers module provides you with the instruction and server hardware to develop your hands on skills in the defined topics. This module includes the following exercises:

  • Create Data Collector Sets
  • Configure Event Subscription

Lab time: It will take approximately 1 hour to complete this lab.

Exam Objectives

The following exam objectives are covered in this lab:

  • CS0-001 2.1: Given a scenario, implement an information security vulnerability management process
  • CS0-001 3.4: Given a scenario, analyze common symptoms to select the best course of action to support incident response
  • CS0-001 3.5: Summarize the incident recovery and post-incident response process
  • CS0-001 4.3: Given a scenario, review security architecture and make recommendations to implement compensating controls

Exercise 1 - Data Collector Sets

In this exercise, you will use Performance Monitor to collect data on important server resources like CPU, Memory, Disk and Network Interface. This free administrator utility can come handy should you want to perform capacity planning and find out how the server is performing under a specific workload.

In this exercise, you will learn the following:

  • Create Data Collector Sets
  • Create a Schedule
  • Configure Alerts

Exercise 2 - Configuring Alerts for Data Collector Sets

Alerts are very useful when working with Data Collector Sets; they work to highlight information of concern or when a system is beginning to show signs of stress, allowing the network administrator to quickly review the problem and address the location or source of the issue before it evolves into a possible cascade situation.

In this exercise you will learn:

  • Configuring Alerts

Alerts watching the CPU will highlight its stress load which inform the administrator to review the level which might be undergoing a distributed denial of service of attack, or a virus is deliberately overloading the CPU to prevent availability.

Exercise 3 - Configure Event Subscription

In this exercise, you will configure Event Log forwarding using the Event Subscription feature of Event Viewer.

In this exercise, you will learn the following:

  • Change Group Membership of Event Collector Computer
  • Allow Windows Remote Management
  • Configure Event Collector Workstation
  • Initiate Event Forwarding
Learning Partner
Comprehensive Learning

See the full benefits of our immersive learning experience with interactive courses and guided career paths.