mcsa mcse windows xp professional study guide 2nd phần 9 ppsx

In the Add Counters dialog box, specify the following performance objects and counters: Select Processor from the performance object drop-down list, select %Processor Time in the count

Trang 1

Managing System Performance 567

In Exercise 13.3, you will monitor your computer’s processor This exercise assumes that you have completed the other exercises in this chapter

Monitoring and Optimizing the Disk Subsystem

Disk access is the amount of time your disk subsystem takes to retrieve data that is requested

by the operating system The two factors that determine how quickly your disk subsystem will respond to system requests are the average disk access time on your hard drive and the speed of your disk controller

Key Counters to Track for the Disk Subsystem

You can monitor the PhysicalDisk object, which is the sum of all logical drives on a single physical drive, or you can monitor the LogicalDisk object, which represents a specific logical disk Following are the most important counters for monitoring the disk subsystem These counters can be tracked for both the PhysicalDisk object and the LogicalDisk object

E X E R C I S E 1 3 3

Monitoring the System Processor

1. If System Monitor is not already open, select Start All Programs Administrative Tools

Monitor.

2. In the System Monitor window, click the Add button on the toolbar.

3. In the Add Counters dialog box, specify the following performance objects and counters:

Select Processor from the performance object drop-down list, select %Processor Time

in the counter list box, and click the Add button.

Select Processor from the performance object drop-down list, select Interrupts/Sec in

the counter list box, and click the Add button.

4. Click the Close button You should see these counters added to your chart.

5. To generate some activity, select Start Control Panel Appearance and Themes

Display Click the Screen Saver tab Select 3D FlowerBox and click the Preview button Let this process run for about 5 seconds, and close all of the dialog boxes you opened in this step You should see that the %Processor Time counter spiked during this process.

6. Note the Processor > %Processor Time counter If this counter’s average is below 85%, you

do not have a processor bottleneck.

7. Note the Processor > Interrupts/Sec counter If this counter is below 1,000 on a Pentium

computer, you do not have any processes or hardware that are generating excessive interrupts.

Leave System Monitor open, for use again in Exercise 13.4.

Trang 2

PhysicalDisk > %Disk Time Shows the amount of time the physical disk is busy because it is

servicing read or write requests If the disk is busy more than 90% of the time, you will improve performance by adding another disk channel and splitting the disk I/O requests between the channels

PhysicalDisk > %Current Disk Queue Length Indicates the number of outstanding disk requests

that are waiting to be processed This value should be less than 2

Tuning and Upgrading the Disk Subsystem

When you suspect that you have a disk subsystem bottleneck, the first thing you should check

is your memory subsystem Insufficient physical memory can cause excessive paging, which

in turn affects the disk subsystem If you do not have a memory problem, you can try the following solutions to improve disk performance:

Use faster disks and controllers

Confirm that you have the latest drivers for your disk host adapters

Use Disk Manager to use disk striping to take advantage of multiple I/O channels

Balance heavily used files on multiple I/O channels

Add another disk controller for load balancing

Use Disk Defragmenter to consolidate files so that disk space and data access are optimized

If you are on a network, distribute applications that have high disk I/O through the Distributed File System (DFS) to balance workload

In Windows NT 4, you enabled all disk counters through the DISKPERF –Y command Physical and logical disk counters are automatically enabled in Windows XP Professional.

In Exercise 13.4, you will monitor your disk subsystem This exercise assumes that you have completed the other exercises in this chapter

E X E R C I S E 1 3 4

Monitoring the Disk Subsystem

1. If System Monitor is not already open, select Start All Programs Administrative Tools Monitor.

Select PhysicalDisk from the performance object drop-down list, select %Disk Time from the counter list box, and click the Add button.

Select PhysicalDisk from the performance object drop-down list, select Current Disk Queue Length from the counter list box, and click the Add button.

Trang 3

You can monitor the amount of free disk space on your logical disk through the LogicalDisk > %Free Space counter This counter can also be used as an alert For example, you might set an alert to notify you when LogicalDisk > %Free Space on drive C: is under 10%.

Monitoring and Optimizing the Network Subsystem

Windows XP Professional does not have a built-in mechanism for monitoring the entire

network However, you can monitor and optimize the traffic that is generated on the specific Windows XP computer You can monitor the network interface (your network card), and you can monitor the network protocols that have been installed on your computer

Network bottlenecks are indicated when network traffic exceeds the capacity that can be supported by the Local Area Network (LAN) Typically, you would monitor this activity on

a network-wide basis—for example, with the Network Monitor utility that is shipped with Windows Server 2003

Key Counters to Track for the Network Subsystem

If you are using the System Monitor utility to monitor local network traffic, the following two counters are useful for monitoring the network subsystem:

Network Interface > Bytes Total/Sec Measures the total number of bytes sent or received

from the network interface and includes all network protocols

TCP > Segments/Sec Measures the number of bytes sent or received from the network interface

and includes only the TCP protocol

Select LogicalDisk from the performance object drop-down list, select %Idle Time from

the counter list box, and click the Add button.

5. To generate some activity, open and close some applications and copy some files between

the C: drive and D: drive.

6. Note the PhysicalDisk > %Disk Time counter If this counter’s average is below 90%, you

are not generating excessive requests to this disk.

7. Note the PhysicalDisk > %Current Disk Queue Length counter If this counter’s average is

below 2, you are not generating excessive requests to this disk.

Leave System Monitor open; you will use this utility again in Exercise 13.5.

E X E R C I S E 1 3 4 ( c o n t i n u e d )

Trang 4

Normally, you monitor and optimize the network subsystem from a network perspective rather than from a single computer For example, you can use a network protocol analyzer to monitor all traffic on the network to determine whether the network bandwidth is acceptable for your requirements and that network bandwidth is saturated.

Tuning and Upgrading the Network Subsystem

The following suggestions can help to optimize and minimize network traffic:

Use only the network protocols you need For example, use TCP/IP and don’t use NWLink

If you need to use multiple network protocols, place the most commonly used protocols higher in the binding order

Use network cards that take full advantage of your bus width—for example, 32-bit cards instead of 16-bit cards

Use faster network cards—for example, 100Mbps Ethernet instead of 10Mbps Ethernet

In Exercise 13.5, you will monitor your network subsystem This exercise assumes that you have completed the other exercises in this chapter

E X E R C I S E 1 3 5

Monitoring the Network Subsystem

1. If System Monitor is not already open, select Start All Programs Administrative Tools Monitor.

Select Network Interface from the performance object drop-down list, select Bytes Total/Sec in the counter list box, and click the Add button.

Select TCP from the performance object drop-down list, select Segments/Sec from the counter list box, and click the Add button.

5. To generate some activity, copy some files between your C: drive and D: drive.

6. Note the two counters Network Interface > Bytes Total/Sec and TCP > Segments/Sec These numbers are cumulative Use them in your baselines to determine network activity.

Leave your Monitor console open, for use again in Exercise 13.6.

Trang 5

Creating Baseline Reports

As explained earlier in this chapter, baselines show how your server is performing at a certain time By taking baselines at regular intervals and also whenever you make changes to the system’s configuration, you can monitor your server’s performance over time

You can create baselines by setting up a counter log file in the Performance Logs and Alerts utility After you’ve created the baseline log file, you can view it in System Monitor, as shown

in Figure 13.17

F I G U R E 1 3 1 7 Viewing a performance baseline in System Monitor

In Exercise 13.6, you will create a baseline report for your computer

E X E R C I S E 1 3 6

Creating a Baseline Report

1. If the Monitor console is not already open, select Start All Programs Administrative

Tools Monitor.

2. Double-click Performance Logs and Alerts.

3. Right-click Counter Logs and select New Log Settings.

4. In the New Log Settings dialog box, type Countermmddyy (replace mmddyy with the current

month, date, and year) as the log name The log file will be stored in the C:\PerfLogs folder by default Click the OK button.

Trang 6

Using the System Tool in Control Panel

The System Tool in Control Panel can be used to manage performance options for your puter The performance-related options that can be configured through the System Tool include how visual settings affect performance, processor scheduling, memory usage, and how the paging file is configured

com-To access these options, select Start Control Panel Performance and Maintenance System Select the Advanced tab, and then for Performance, click the Settings button You will see two tabs, Visual Effects and Advanced

5. In the General tab of the counter log Properties dialog box, click the Add Counters button and add the following counters:

Memory > Available MBytes

Memory > Pages/Sec

Paging File > %Usage

Processor > %Processor Time

Processor > Interrupts/Sec

PhysicalDisk > %Disk Time

PhysicalDisk > Current Disk Queue Length

Network Interface > Bytes Total/Sec

TCP > Segments/Sec

6. Click the Close button, and set the interval for sampling data to 5 seconds.

7. Click the Log Files tab Uncheck the End File Names With check box This will prevent the

appending of mmddhh (month/day/hour) to the filename Click the OK button to close

the Properties dialog box and start the log file.

8. Generate some system activity: Start and stop some applications, copy a few files, and run

a screensaver for 1 or 2 minutes.

9. To view your log file, open System Monitor Click the View Log Data button on the toolbar

In the System Monitor dialog box that appears, select the Log Files radio button and click the Add button.

10. In the Select File dialog box, select C:\PerfLogs\Countermmddyy and click the Open button.

11. Add the counters from the log file you created to see the data that was collected in your log.

Trang 7

Using the System Tool in Control Panel 573

From the Visual Effects tab (see Figure 13.18), you can specify how performance is tuned based on the visual effects you choose to use with your user interface The selections for visual effect settings include:

Let Windows choose what’s best for my computer

Adjust for best appearance

Adjust for best performance

Custom

F I G U R E 1 3 1 8 The Visual Effects tab of the Performance Options dialog box

If you click the Advanced tab, you will see the dialog box shown in Figure 13.19 From the Advanced tab, you can configure:

Processor scheduling, which allows you to optimize the processor time for running programs

or background services

Memory usage, which allows you to optimize memory for programs or system cache

Virtual memory, which is used to configure the paging file

If you click on the Change button within the Virtual Memory section of the Advanced tab, you can manage the page file, as shown in Figure 13.20

When Windows is initially installed, the page file, pagefile.sys, is set to 1.5 times the

amount of physical memory You can optimize the page file by moving it from the drive that contains the system partition or by splitting the it over multiple disk I/O channels

In order to make changes to the System Tool, you must be logged onto the local computer with administrative rights.

Trang 8

F I G U R E 1 3 1 9 The Advanced Tab of the System Tool

F I G U R E 1 3 2 0 Virtual Memory dialog box

Trang 9

Using Task Manager 575

Using Task Manager

The Task Manager utility shows the applications and processes that are currently running on

your computer, as well as CPU and memory usage information To access Task Manager, press Ctrl+Alt+Delete and click the Task Manager button Alternatively, right-click an empty area in the Taskbar and select Task Manager from the pop-up menu

The Task Manager dialog box has four main tabs, Applications, Processes, Performance, and Networking These options are covered in the following subsections

Managing Application Tasks

The Applications tab of the Task Manager dialog box, shown in Figure 13.21, lists all of the applications that are currently running on the computer For each task, you will see the name

of the task and the current status (running, not responding, or stopped)

F I G U R E 1 3 2 1 The Applications tab of the Task Manager dialog box

To close an application, select it and click the End Task button at the bottom of the dialog box To make the application window active, select it and click the Switch To button If you want to start an application that isn’t running, click the New Task button and specify the location and name of the program you wish to start

Managing Process Tasks

The Processes tab of the Task Manager dialog box, shown in Figure 13.22, lists all the processes that are currently running on the computer This is a convenient way to get a quick look at

Trang 10

how your system is performing Unlike System Monitor, Task Manager doesn’t require that you first configure the collection of this data; it’s gathered automatically.

F I G U R E 1 3 2 2 The Processes tab of the Task Manager dialog box

For each process, you will see the image name (the name of the process), the user name (the user account that is running the process), CPU (the amount of CPU utilization for the process), and Mem Usage (the amount of memory that is being used by the process)

From the Processes tab, you can organize the listing and control processes as follows:

To organize the processes based on usage, click the column headings For example, if you click the CPU column, the listing will start with the processes that use the most CPU resources If you click the CPU column a second time, the listing will be reversed

To manage a process, right-click it and choose an option from the pop-up menu You can choose to end the process, end the process tree, or set the priority of the process (to realtime, high, abovenormal, normal, belownormal, or low) If your computer has multiple processors installed, you can also set processor affinity (the process of associating a specific process with a specific processor) for a process See Chapter 4, “Configuring the Windows XP Environment,” for details on setting processor affinity

To customize the counters that are listed, select View Select Columns This brings up the Select Columns dialog box, shown in Figure 13.23, where you can select the information that you want to see listed on the Processes tab

Trang 11

F I G U R E 1 3 2 3 Selecting information for the Task Manager’s Processes tab

In the following subsections you will learn how to stop processes and manage process priority

Stopping Processes

You may need to stop a process that isn’t executing properly To stop a specific process, select the process you want to stop in the Task Manager’s Processes tab and click the End Process button Task Manager displays a Warning dialog box Click the Yes button to terminate the process

If you right-click a process, you can end the specific process or you can use the option End Process Tree The End Process Tree option ends all processes that have been created either directly or indirectly by the process

Some of the common processes that can be managed through Task Manager are listed in Table 13.2

smss.exe Session Manager subsystem

csrss.exe Client-server runtime server service

mmc.exe Microsoft Management Console program (used to track resources used

by MMC snap-ins such as System Monitor)

Trang 12

Managing Process Priority

You can manage process priority through the Task Manager utility or through the start command-line utility To change the priority of a process that is already running, use the Processes tab of Task Manager Right-click the process you want to manage and select Set Priority from the pop-up menu You can select from Realtime, High, Abovenormal, Normal, Belownormal, and Low priorities

To start applications and set their priority at the same time, use the start command The options that can be used with the start command are listed in Table 13.3

Running a process-intensive application in the Realtime priority class can significantly impact Windows XP Professional performance.

explorer.exe Windows Explorer interface Ntvdm.exe MS-DOS and Windows 16-bit application support

T A B L E 1 3 3 Options for the start Command-Line Utility

/low Starts an application in the idle priority class.

/normal Starts an application in the Normal priority class.

/high Starts an application in the High priority class.

/realtime Starts an application in the Realtime priority class.

/abovenormal Starts an application in the Abovenormal priority class.

/belownormal Starts an application in the Belownormal priority class.

/min Starts the application in a minimized window.

/max Starts the application in a maximized window.

/separate Starts a Windows 16-bit application in a separate memory space By

default Windows 16-bit applications run in a shared memory space, NTVDM, or NT Virtual DOS Machine.

/shared Starts a DOS or Windows 16-bit application in a shared memory space.

T A B L E 1 3 2 Common Processes (continued)

Trang 13

In Exercise 13.7, you will set the priority for a process

Managing Performance Tasks

The Performance tab of the Task Manager dialog box, shown in Figure 13.24, provides an overview of your computer’s CPU and memory usage This is similar to the information tracked

by System Monitor, and you don’t have to configure it first as you do with System Monitor

F I G U R E 1 3 2 4 The Performance tab of the Task Manager dialog box

E X E R C I S E 1 3 7

Setting a Process Priority

1. Right-click an empty space on your taskbar and select Task Manager from the pop-up menu.

2. In the Applications tab, click the New Task button.

3 In the Create a New Task dialog box, type CALC and click the OK button.

4. Click the Processes tab Right-click calc.exe and select Set Priority, then Low In the Task

Manager Warning dialog box, click the Yes button to continue.

5. Right-click calc.exe and select End Process In the Task Manager Warning dialog box, click

the Yes button.

Trang 14

The Performance tab shows the following information:

CPU usage, in real time and in a history graph

Page file usage, in real time and in a history graph

Totals for handles, threads, and processes

Physical memory statistics

Commit charge memory statistics

Kernel memory statistics

Managing Networking Tasks

The Networking tab of the Task Manager dialog box, shown in Figure 13.25, provides an overview of your networking usage This is similar to the information tracked by System Monitor, and you don’t have to configure it first as you do with System Monitor

F I G U R E 1 3 2 5 The Networking tab of the Task Manager dialog box

Scheduling Tasks

Windows XP Professional includes a Task Scheduler utility that allows you to schedule tasks

to occur at specified intervals You can set any of your Windows programs to run automatically

at a specific time and at a set interval, such as daily, weekly, or monthly For example, you might schedule your Windows Backup program to run daily at 2:00 A.M

Trang 15

Scheduling Tasks 581

In Exercise 13.8, we will create a new scheduled task

E X E R C I S E 1 3 8

Creating a New Scheduled Task

1. Select Start Control Panel Performance and Maintenance, and select Scheduled Tasks.

2. In the Scheduled Tasks window, double-click the Add Scheduled Task icon.

3. When the first page of the Scheduled Task Wizard appears, click the Next button to continue.

4. The first Scheduled Task Wizard dialog box lists applications you can run You can select an

application from the list or click the Browse button to locate any application or program

to which your computer has access After you select an application, click the Next button.

5. The next wizard dialog box prompts you to select a name for the task and specify when it

will be performed Make your selection and click the Next button.

Trang 16

6. Depending on the selection you made for the task’s schedule, you may see another dialog box for setting the specific schedule For example, if you chose to run the task weekly, the next dialog box lets you select the start time for the task, choose to run the task every

x weeks, and pick the day of the week that the task should be run Make your selection

and click the Next button.

7. Next, you are prompted to enter the username and the password that will be used to start the task After you enter this information, click the Next button.

8. The final dialog box shows your selections for the scheduled task If this information is correct, click the Finish button.

Trang 17

Managing Scheduled Task Properties

You can manage a scheduled task through its properties dialog box; Figure 13.26 shows the properties for the Calculator job To access this dialog box, open the Scheduled Tasks window (Start Control Panel Performance and Maintenance, and then select Scheduled Tasks)

Right-click the task you wish to manage, and choose Properties from the pop-up menu

F I G U R E 1 3 2 6 The Task properties for the scheduled task

The scheduled task properties dialog box has three tabs, Task, Schedule, and Settings, with options for managing how and when the task is run and who can manage it These options are described in the following sections

Task Properties

Through the Task tab (see Figure 13.26), you can configure the following options:

The command-line program that is used to run the task

The folders containing related files that might be required to run the specified task (this

is the Start In information)

Any comments that you want to include for informational purposes

The username and password to be used to run the specified task (this is the Run As

information)

Whether the scheduled task is enabled

Trang 18

The Settings tab (Figure 13.28) offers several configuration settings for the scheduled task:

The options in the Scheduled Task Completed section allow you to delete the task if it will not be run again and specify how long the task should be allowed to run before it is stopped

The options in the Idle Time section are useful if the computer must be idle when the task

is run You can specify how long the computer must be idle before the task begins and whether the task should be stopped if the computer ceases to be idle

The options in the Power Management section are applicable when the computer on which the task runs may be battery powered You can specify that the task should not start if the computer is running from batteries and choose to stop the task if battery mode begins

If you are using Task Scheduler and your jobs are not running properly, make sure that the Task Scheduler service is running and is configured to start automatically You should also ensure that the user who is configured to run the scheduled task has sufficient permissions to run the task.

Trang 19

F I G U R E 1 3 2 8 The Settings tab of the scheduled task dialog box

Troubleshooting Scheduled Tasks

If you are trying to use Scheduled Tasks and the tasks are not properly being executed, one of the following troubleshooting options may resolve the problem

If a scheduled task does not run as expected, right-click the task and select Properties From the Task tab, verify that the Enabled check box is selected From the Schedule tab, verify the schedule that has been defined for the task to run

If the scheduled task is a command-line utility, make sure that you have properly defined the command-line utility, including any options that are required for the utility to run properly

Verify that the user who is configured to run the scheduled task has the necessary

permissions to the task that will be run

Within the Scheduled Tasks window, check the task status within the Status column The status types are defined as:

Blank, which indicates that the task is not running, or that it was run successfully

Running, which means that the task is currently being run

Missed, which specifies that one or more attempts to run the task were missed

Could not start, which indicates that the most recent attempt to start the task failed

Verify that the Scheduled Tasks service has been enabled on the computer if no tasks can

be run on the computer

Trang 20

If no user is logged into the computer when the task is scheduled to be run, the task will still run, but it will not be visible.

Be able to monitor and troubleshoot Windows XP Professional performance Know which

utilities can be used to track Windows XP performance events and issues Know how to track and identify performance problems related to memory, the processor, the disk subsystem, and the network subsystem Be able to correct system bottlenecks when they are identified

Know how to use the Task Scheduler to automate system tasks Understand the purpose of

Task Scheduler Be able to configure Task Scheduler and identify problems that would keep

it from running properly

Key TermsBefore you take the exam, be certain you are familiar with the following terms:

page file

Trang 21

Review Questions 587

Review Questions

1. You are the network administrator of a medium-sized company Tim is a user in the Finance department He notices that his computer’s performance is slow at times You decide to monitor the computer’s performance through Performance Logs and Alerts You monitor counters related to memory, processor, the disk subsystem, and the network subsystem For memory, you are monitoring the Memory > Available Mbytes counter When you analyze the data from Tim’s computer, the value for the Memory > Available Mbytes counter averages 12MB over a typical sampling period Based on this data, what course of action should you take?

A. Add RAM

B. Increase the size of the page file

C. Split the page file over two physical disk channels

D. Take no action

2. Your accounting department runs a processor-intensive application and you are trying to determine whether their current computers need to have the processors upgraded You load a test computer with a configuration identical to the production computers’ and run a program that simulates a typical user’s workload You monitor the Processor > %Processor Time counter What average value for this counter would indicate a processor bottleneck?

A. Memory

B. Processor

C. Network

D. Application

Trang 22

4. You are the network administrator for a network that consists of Windows XP Professional computers configured as a workgroup One of your users, Curtis, recently installed Visio on his computer for creating engineering diagrams When Curtis runs this application, it takes between

5 and 10 seconds to load He uses the Task Manager utility to try to determine if he has a resource bottleneck Which two of the following subsystems should he monitor through Task Manager to help determine what the bottleneck is?

Two physical SCSI disks

Disk 0 has Partition C: and D

Disk 1 has Partition E:

192MB page file on C:

100Mbps Ethernet NICThe payroll manager requires the use of a database application She has come to you to report that when the database application is running, the computer slows down very significantly, and she is unable to run any other applications You run System Monitor on her computer and record the following information when the database application is running:

Sustained processor utilization is at 100% for both processors

There are a significant number of hard page faults

Trang 23

When you record the data for the computer when the database application is not running, you record the following information:

Average processor utilization is at 30%

There are a significant number of hard page faultsThe database application is critical to the finance manager’s job In order to be able to better manage her productivity, which of the two following actions will have the greatest impact on optimizing her computer’s performance?

A. Upgrade the processors in her computer

B. Add memory to the computer

C. Split the page file over D: and E:

D. Increase the page file to 256MB

7. You are the network administrator, responsible for managing the computers used by the

Engineering department Each user has a dual processor computer The engineers all run CAD, Visio, and some other specialized engineering applications You are testing how performance can be improved for these computers and want to test what will happen if you use processor affinity to associate specific applications with specific processors Which of the following options should you use to configure processor affinity?

A. Through Control Panel, System

B. Task Manager

C. Performance Monitor

D. System Logs and Alerts

8. You are the network administrator for a large company The payroll manager has Windows XP Professional installed on her desktop computer The computer has the following configuration:

Dual Pentium III Processors

128MB of RAM

Two physical SCSI disks 20GB each

Disk 0 has Partition C: (10GB, 8GB free, and the system partition) and D (10GB, 4GB free)

Disk 1 has Partition E: (20GB, 12GB free)

192MB page file on E:

100Mbps Ethernet NIC

Trang 24

The payroll manager uses a specialized payroll application She reports that when she initially starts her computer, everything works well, but after using the payroll application for two hours, her computer starts to get slower and slower After about two hours and 15 minutes, she gets

an error message stating that her system is low on virtual memory You have ordered additional memory for her computer, but it is out of stock In the meantime you want to optimize her computer as much as possible What course of action should you take?

A. Increase the size of the paging file to 256MB

B. Move the paging file to the C: drive

C. Edit the config.sys file so that buffers = 128

D. In Control Panel, System, Advanced Options, configure memory for Allow Best Performance for System Cache

9. You are the Help Desk manager of a large corporation You want to make some changes to your computer and would like to create a baseline report that will be used to measure your computer’s performance before and after each change is made to the computer’s configuration When you open System Monitor, which of the following counters are active by default?

A. Memory > Pages/Sec

B. Processor > %Processor Time

C. Paging File > %Usage

D. None

10. You are the network administrator for a large company One of the computers that you are monitoring is a Pentium computer You suspect that you have a bottleneck, possibly due to a malfunctioning piece of hardware When you monitor the computer through System Monitor, one of the counters you track is Processor > Interrupts/Sec Which of the following values would first indicate that a piece of hardware is malfunctioning due to spurious interrupts?

A. 250

B. 500

C. 750

D. 1,000

11. You are the network administrator for a medium-sized company One of your responsibilities is

to monitor performance for the computers in the accounting department You create a baseline report that tracks counters for memory, processor, the disk subsystem, and the network subsystem One of the counters you track through System Monitor is the PhysicalDisk > Current Disk Queue Length counter You might have a disk subsystem bottleneck when this counter is initially over which of the following values?

A. 1

B. 2

C. 10

D. 12

Trang 25

12. You are the network administrator for the XYZ Corporation Your accounting manager uses a financial application that requires several hours a day to create reports that are required by the accounting department While the application is running, the accounting manager finds that his computer is very slow when running other accounting applications You have been asked to configure his computer so that the other accounting applications that are being run are more responsive Which of the following configuration changes should you make?

A. Configure the accounting applications to run at high priority

B. Configure the accounting applications to run at realtime priority

C. Configure the financial application to run at below normal priority

D. Configure the financial application to run at above normal priority

13. When you schedule a task to be run, which of the following task properties cannot be configured?

A. The username and password of the user who will run the task

B. Power management, so that if the computer is a laptop and is running from the battery, the task will not run

C. Whether the task will be run once or repeatedly

D. Whether another task will be run if specific conditions trigger the secondary task

14. You want to track system performance for a baseline over a period of two days You want

the data to be collected every 5 minutes What type of log would you create for this monitoring, through Performance Logs and Alerts?

A. This counter’s value should be around 4 to 5

B. This counter’s value should be around 30 to 40

C. This counter’s value should be around 40 to 50

D. This counter’s value should be around 50 to 60

Trang 26

Answers to Review Questions

1. D As long as the counter for Memory > Available MBytes shows more than 4MB of memory,

no bottleneck is indicated and no intervention is needed If the number is below 4MB, then you should add more physical memory to the computer

2. D If the average Processor > %Processor Time counter is consistently above 85%, a processor bottleneck may be indicated (Normally this number will spike up and down over time If it spikes over 85%, it is not necessarily alarming If the average is over 85%, then a bottleneck

is indicated.)

3. A You should check the memory counters If your computer does not have enough memory,

it can cause excessive paging, which may be perceived as a disk subsystem bottleneck

4. A, B Through the Performance tab of Task Manager, you can easily monitor your computer’s current processor activity and memory utilization Task Manager does not track disk statistics and based on his local use of the application, a network bottleneck is not indicated If you used the System Monitor utility, you would need to configure it before any data could be collected or analyzed

5. A To automate scheduled tasks, you use the Scheduled Tasks utility You can schedule tasks to

be run based on the schedule you specify and the username and password that will be used

to run the task

6. A, B The greatest improvement in performance for this computer can be obtained by upgrading the processors and adding more physical RAM Because the database application is using 100% processor utilization over a sustained period, you need to upgrade the processors The hard page faults indicate that you also have a memory bottleneck While moving or increasing the page file might have an impact on performance, neither would have as large an impact as adding more physical memory will

7. B You can configure processor affinity through the Task Manager utility This is one option for optimizing processor performance

8. A Creating a larger initial paging file will help alleviate the current problem You need to add additional RAM to the computer, but to prevent the error message from occurring, you can help minimize the problem until more memory is installed by increasing the initial size of the paging file

9. D None of System Monitor’s counters are on by default If you want to see how your processor and memory are being utilized without setting any configuration options, you should use Task Manager

10. D The Processor > Interrupts/Sec counter shows the average number of hardware interrupts the processor receives each second If this value is more than 1,000 on a Pentium computer, you might have a problem with a program or hardware that is generating spurious interrupts

11. B The PhysicalDisk > Current Disk Queue Length counter indicates the number of outstanding disk requests waiting to be processed This counter value should be less than 2

Trang 27

Answers to Review Questions 593

12. C You should configure the financial application to run at below normal priority This will cause the running of the financial application to have less of a performance impact on the accounting applications as they are processed

13. D There are no options to trigger secondary conditional tasks You can configure the user who will be used to run the task, the schedule for running the task, and how the task will be executed

in conjunction with a laptop’s power state

14. A Counter logs record data about hardware usage and the activity of system services You can configure logging to occur manually or on a predefined schedule

15. A The Memory > Pages/Sec counter shows the number of times that the requested information was not in memory and had to be retrieved from disk This counter’s value should be below 20 For optimal performance, it should be 4 to 5

Trang 28

14

Performing System Recovery Functions

MICROSOFT EXAM OBJECTIVES COVERED

Troubleshoot system restoration by starting in safe mode

Recover System State data and user data by using the Recovery console

Configure, manage, and troubleshoot Remote Desktop and Remote Assistance.

Simpo PDF Merge and Split Unregistered Version - http://www.simpopdf.com

Trang 29

System recovery is the process of making your computer work again in the event of failure In this chapter, you will learn how to safeguard your computer and how to recover from a disaster The benefit of having a disaster recovery plan is that when you expect the worst to happen and are prepared for it, you can easily recover from most system failures.

One utility that you can use to diagnose system problems is Event Viewer Through the Event Viewer utility, you can see logs that list events related to your operating system and applications

If your computer will not boot, an understanding of the Window XP boot process will help you identify the area of failure and correct the problem You should know the steps

in each stage of the boot process, the function of each boot file, and how to edit the BOOT.INI file

When you have problems starting Windows XP, you can press F8 when prompted during the boot sequence This calls up the Windows XP Advanced Options menu This menu includes several special boot options, such as Safe Mode and Last Known Good Configuration, that are useful for getting your system started so you can track down and correct problems

One of the new features of system recovery in Windows XP Professional is driver rollback, which allows you to easily roll back to a previously used driver

The Startup and Recovery options are used to specify how the operating system will react in the event of system failure For example, you can specify whether the system should automatically reboot and whether administrative alerts should be sent

You can use the Dr Watson utility, which ships with Windows XP Professional, to diagnose application errors When an application error occurs, Dr Watson starts automatically, displaying information about the error

Backups are the best protection you can have against system failure You can create backups through the Backup utility, which offers options to run the Backup and Restore Wizard and the Automated System Recovery Wizard

System Restore allows you to create and use restore points to return your operating system

to a previous configuration

Another option that experienced administrators can use to recover from a system failure is the Recovery Console The Recovery Console boots your computer so that you have limited access to FAT16, FAT32, and NTFS volumes

In this chapter, you will learn how to use all these system recovery functions of Windows XP Professional We’ll begin with an overview of techniques to protect your computer and recover from disasters In addition, we’ll also look at two new options in Windows XP: Remote

Trang 30

Safeguarding Your Computer and Recovering from Disaster 597

Desktop and Remote Assistance Remote Desktop is used to access a Windows XP sional computer remotely Remote Assistance is used to request assistance from another

Profes-Windows XP user

Safeguarding Your Computer and

Recovering from Disaster

One of the worst events you will experience is a computer that won’t boot An even worse experience is discovering that there is no recent backup for that computer

The first step in preparing for disaster recovery is to expect that a disaster will happen at some point, and take proactive steps to plan your recovery before the failure occurs Following are some of the preparations you can make:

Perform regular system backups

Use virus-scanning software

Perform regular administrative functions, such as monitoring the logs in the Event Viewer utility

If you can’t start Windows XP Professional, there are several options and utilities that can

be used to identify and resolve Windows errors The following is a broad list of troubleshooting options:

If you have recently made a change to your computer’s configuration by installing a new device driver or application and Windows XP Professional will not load properly, you can use the Last Known Good Configuration, roll back the driver, or use System Restore to restore a previous system configuration

If you can boot your computer to Safe Mode, and you suspect that you have a system conflict, you can temporarily disable an application or processes, services, or uninstall software

If your computer will not boot to Safe Mode, you can use the Recovery Console to replace corrupted files or perform other recovery options manually For example, on an x86-based system, you should verify that the BOOT.INI settings are correct On an Itanium-based computer, you would verify that the NVRAM startup settings were correct

If necessary, you can use the Backup utility to restore operating and data files from backup media You can also use Automated System Recovery Wizard in conjunction with the Backup utility to reformat the system partition and restore operating system files from backup media you previously created

Table 14.1 summarizes all of the Windows XP utilities and options that can be used to assist

in performing system recovery

Trang 31

598 Chapter 14 Performing System Recovery Functions

All these Windows XP Professional recovery techniques are covered in detail in this chapter

T A B L E 1 4 1 Windows XP Professional Recovery Techniques

Recovery Technique When to Use

Event Viewer If the Windows XP operating system can be loaded through

Normal or Safe Mode, one of the first places to look for hints about the problem is Event Viewer Event Viewer displays System, Security, and Application logs.

Safe Mode This is generally your starting point for system recovery Safe

Mode loads the absolute minimum of services and drivers that are needed to boot Windows XP If you can load Safe Mode, you may be able to troubleshoot devices or services that keep Windows XP from loading normally.

Last Known Good Configuration

This option can help if you made changes to your computer and are now having problems Last Known Good Configuration is an Advanced Options menu item that you can select during startup

It loads the configuration that was used the last time the computer booted successfully This option will not help if you have hardware errors.

Driver Rollback Driver rollback is used to restore a driver to a previous version

that has been saved This option is used when you update a driver and it is not functioning properly.

Dr Watson This utility helps when you are experiencing problems with

an application Dr Watson is used to diagnose and troubleshoot application errors.

Backup Utility You should use this utility to safeguard your computer

Through the Backup utility, you can back up the system or parts of the system and restore data from backups that you have made.

System Restore System Restore is used to create known checkpoints of your

sys-tem’s configuration In the event that your system becomes misconfigured, you can restore the system configuration to one

of the known good checkpoints.

Recovery Console You can use this option if none of the other options or utilities

works The Recovery Console starts Windows XP without the graphical interface and allows the administrator limited capabil- ities, such as adding or replacing files and enabling/disabling services.

Trang 32

Using Event Viewer 599

Using Event Viewer

You can use the Event Viewer utility to track information about your computer’s hardware and software, as well as to monitor security events All of the traced information is stored in three types of log files:

You can access Event Viewer by selecting Start Control Panel Performance and

Maintenance Administrative Tools Event Viewer Alternatively, you can right-click My Computer, choose Manage from the pop-up menu, and open Event Viewer under System

Tools From Event Viewer, select the log you want to view Figure 14.1 shows Event Viewer with the System log displayed

F I G U R E 1 4 1 A System log in Event Viewer

You can also add Event Viewer as a Microsoft Management Console (MMC) snap-in Adding MMC snap-ins is covered in Chapter 4, “Configuring the Windows XP Environment.”

In the log files, you will see all the events that have been recorded By default, the oldest events are at the bottom of the window and the newest events are at the top This arrangement

Trang 33

can be misleading in troubleshooting, since one error can precipitate other errors You should always resolve the oldest errors first To change the default listing order and put the oldest events at the top, click one of the three logs and select View Oldest First

The following sections describe how to view events and manage logs

Reviewing Event Types

The Event Viewer logs display five event types, denoted by their icons Table 14.2 describes each event type

Getting Event Details

Double-clicking an event in an Event Viewer log file brings up the Event Properties dialog box, which shows details about the event An example of the Event Properties dialog box for an Information event is shown in Figure 14.2 Table 14.3 describes the information that appears

in this dialog box

T A B L E 1 4 2 Event Viewer Log Events

Information Informs you of the occurrence of a specific action,

such as the startup or shutdown of a system.

Information events are logged for informative purposes.

Warning events may not be critical in nature but may be indicative of future errors.

a driver’s failing to load You should be very concerned about Error events.

Success Audit Indicates the occurrence of an event that has

been audited for success For example, when system logons are being audited, a Success Audit event is a successful logon.

Failure Audit Indicates the occurrence of an event that has been

audited for failure For example, when system logons are being audited, a Failure Audit event is

a failed logon due to an invalid username and/or password.

Trang 34

F I G U R E 1 4 2 The Event Properties dialog box

T A B L E 1 4 3 Event Properties Dialog Box Items

Date The date on which the event was generated.

Time The time at which the event was generated.

Type The type of event that was generated: Information, Warning, Error,

Success Audit, or Failure Audit.

User The name of the user to whom the event is attributed, if applicable

(not all events are attributed to a user).

Computer The name of the computer on which the event occurred.

Source The software that generated the event (e.g., operating system

components or drivers).

Category The source that logged the event (this field will say “None” until

this feature has been fully implemented in Windows XP).

Trang 35

Managing Log Files

Over time, your log files will grow, and you will need to decide how to manage them You can clear a log file for a fresh start You may want to save the existing log file before you clear it,

to keep that log file available for reference or future analysis

To clear all log file events, right-click the log you wish to clear and choose Clear All Events from the pop-up menu Then specify whether you want to save the log before it is cleared

If you just want to save an existing log file, right-click that log and choose Save Log File As Then specify the location and name of the file

To open an existing log file, right-click the log you wish to open and choose Open Log File Then specify the name and location of the log file and click the Open button

Setting Log File Properties

Each Event Viewer log has two sets of properties associated with it:

General properties Control items such as the log filename, its maximum size, and the action

to take when the log file reaches its maximum size

Filter properties Specify which events are displayed

To access the log Properties dialog box, right-click the log you want to manage and select Properties from the pop-up menu The following sections describe the properties available on the General and Filter tabs of this dialog box

General Properties

The General tab of the log Properties dialog box, shown in Figure 14.3, displays information about the log file and includes options to control its size Table 14.4 describes the properties

on the General tab

The Clear Log button in the General tab of the log Properties dialog box clears all log events.

Event ID The event number specific to the type of event generated (e.g., a print

error event has the event ID 45).

Description A detailed description of the event.

Data The binary data generated by the event (if any; some events do

not generate binary data) in hexadecimal bytes or DWORD format (programmers can use this information to interpret the event).

T A B L E 1 4 3 Event Properties Dialog Box Items (continued)

Trang 36

F I G U R E 1 4 3 The General properties for an Application log

T A B L E 1 4 4 General Log Properties

Display Name Allows you to change the name of the log file For example, if you

are managing multiple computers and want to distinguish the logs for each computer, you can make the names more descriptive (e.g., SalesServer-App Log and MarketingServer-Security Log).

Log Name Path and filename of the log file.

Size Current size of the log file.

Created Date and time when the log file was created.

Modified Date and time when the log file was last modified.

Accessed Date and time when the log file was last accessed.

Maximum Log Size Allows you to specify the maximum size for the log file You can

use this option to prevent the log file from growing too large and taking up excessive disk space.

Trang 37

Filter Properties

The Filter tab of the log Properties dialog box, shown in Figure 14.4, allows you to control the listing of events in the log For example, if your system generates a large number of logged events, you might want to set the Filter properties so that you can track specific events You can filter log events based on the event type, source, category, ID, users, computer, or specific time period Table 14.5 describes the properties on the Filter tab

F I G U R E 1 4 4 The Filter properties for an Application log

When Maximum Log Size

Is Reached

Allows you to specify what action will be taken when the log file reaches the maximum size (if a maximum size is specified) You can choose to overwrite events as needed (on a first-in-first-out basis), overwrite events that are over a certain age, or prevent events from being overwritten (which means that you would need to clear log events manually).

Using a Low-Speed Connection

Specifies that you are monitoring the log file of a remote computer and that you connect to that computer through a low-speed connection.

T A B L E 1 4 4 General Log Properties (continued)

Định dạng
Số trang	74
Dung lượng	3,69 MB