ExamTopics Logo
Mail Us[email protected]
Menu
Microsoft Discussions
exam questions

Exam 70-740 All Questions

View all questions & answers for the 70-740 exam
Go to Exam

Exam 70-740 topic 1 question 183 discussion

Actual exam question from Microsoft's 70-740
Question #: 183
Topic #: 1
[All 70-740 Questions]

You have a file server named Server1 that runs Windows Server 2016.
Object access auditing is configured on Server1.
You need to filter the Security event log to show all log entries that relate to a user named User1.
What should you do?

  • A. Right-click the Security log, and then click Filter Current Log"¦ On the Filter tab, type a value in the User box.
  • B. Right-click the Security log, and then click Filter Current Log"¦ On the Filter tab, select a value from the Event sources box.
  • C. Right-click the Security log, and then click Create Custom View"¦ On the Filter tab, type a value in the User box.
  • D. Right-click the Security log, and then click Filter Current Log"¦ On the XML tab, modify the QueryList entry and set an EventData tag.
Show Suggested Answer Hide Answer
Suggested Answer: A 🗳️
Right clicking the event log name and selecting the "Filter Current Log" will display various options for filtering the event log.
These options are:
✑ Time logged: There are pre-canned filters for the last hour, last 12 hours, last 24 hours, last week and last 30 days. Additionally you can specify a custom range.
✑ Event level: Choose to show only events that match the specified level critical, warning etc.
✑ Event Source: Select to only see events from MSI Installer, DHCP client etc.
✑ EventID: Specify the event ID.
✑ Keywords: Specify filters based on Audit Failure, Audit success

User -

✑ Computer(s)
References:
https://blogs.technet.microsoft.com/rmilne/2014/08/06/quick-tip-event-viewer-filtering/
by panda at July 12, 2020, noon

Comments

Chosen Answer:
This is a voting comment (?). It is better to Upvote an existing comment if you don't have anything to add.
Switch to a voting comment New
Submit Cancel
GoldenFox
4 years, 9 months ago
Right-click security log. So answer is correct, it's A. NOT C
upvoted 1 times
...
panda
4 years, 11 months ago
I think the given answer is correct. Since it relate to user, answer should A or C. Since the question says "You need to filter", it's A.
upvoted 1 times
panda
4 years, 10 months ago
Also about C Custom View could be set only by XML tab. That is the operation on C couldn't exist. Additionally this question is as same as No.16 on page 59.
upvoted 1 times
...
...
Community vote distribution
A (35%)
C (25%)
B (20%)
Other
Most Voted
A voting comment increases the vote count for the chosen answer by one.

Upvoting a comment with a selected answer will also increase the vote count towards that answer by one. So if you see a comment that you already agree with, you can upvote it instead of posting a new comment.

SaveCancel