Evaluate Windows log files (credit to MindTap)

You are the security analyst for a small corporate network. You want to proactively address issues to avert any problems on your system.

In this lab, your task is to run the Get-Eventlog command from PowerShell (Admin) to:

  • Get a list of the current logs being captured on Office1 and answer Question 1.
  • View the system log file and answer Question 2.
  • View the application log file and answer Questions 3-5.
  • View the security log file and answer Question 6.

EXPLANATION

Complete this lab as follows:

  1. Get a list of the current logs being captured on Office1.
    1. Right-click Start and select Windows PowerShell (Admin).
    2. Maximize the window for easier viewing.
    3. At the prompt, type Get-Eventlog -logname * and press Enter.
    4. In the top right, select Answer Questions.
    5. Answer Question 1.
  2. View the system log file and answer the question.
    1. Use the UP arrow key to reuse previous commands.
    2. From PowerShell, type Get-Eventlog -logname system and press Enter.
    3. Maximize the window for better viewing.
    4. Examine the last two entries.
    5. Answer Question 2.
  3. View the application log file and answer the questions.
    1. You may want to clear the screen using the CLS command.
    2. From PowerShell, type Get-Eventlog -logname application and press Enter.
    3. Examine the last entry.
    4. Answer Questions 3-5.
  4. View the security log file and answer the questions.
    1. From PowerShell, type Get-Eventlog -logname security and press Enter.
    2. Examine the entries.
    3. Answer Question 6.
    4. Select Score Lab.
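
The same review as a script, added here as an example and not part of the original lab: it lists the logs, counts recent entries by type, and prints the newest entries in full, since the default table view truncates the Message column. It assumes an elevated Windows PowerShell 5.1 session (Get-EventLog is not available in PowerShell 7); the function name Get-LogSummary and the sample sizes are hypothetical choices.

```powershell
# Added example, not part of the lab. Run from Windows PowerShell (Admin):
# reading the Security log requires elevation.

function Get-LogSummary {
    # Hypothetical helper: counts the newest entries of one log by EntryType.
    param(
        [Parameter(Mandatory)][string]$LogName,
        [int]$Newest = 200   # assumed sample size, not a value from the lab
    )
    Get-EventLog -LogName $LogName -Newest $Newest -ErrorAction Stop |
        Group-Object EntryType |
        Sort-Object Count -Descending |
        Select-Object @{n='Log';e={$LogName}}, @{n='EntryType';e={$_.Name}}, Count
}

# Step 1 of the lab: list the logs present on the machine.
Get-EventLog -LogName * | Out-Host

# Steps 2-4: summarize each log, then show the newest entries with full messages.
foreach ($log in 'System', 'Application', 'Security') {
    try {
        Get-LogSummary -LogName $log | Format-Table -AutoSize | Out-Host

        Get-EventLog -LogName $log -Newest 2 -ErrorAction Stop |
            Format-List Index, TimeGenerated, EntryType, Source, InstanceId, Message |
            Out-Host
    }
    catch {
        # Raised for an empty log, or for Security when the session is not elevated.
        Write-Warning "Could not read ${log}: $($_.Exception.Message)"
    }
}

# Security log only: failed audits are usually the entries worth reading first.
try {
    Get-EventLog -LogName Security -EntryType FailureAudit -Newest 10 -ErrorAction Stop |
        Format-Table TimeGenerated, InstanceId, Source, Message -Wrap | Out-Host
}
catch {
    # Get-EventLog raises an error when nothing matches the filter.
    Write-Warning "No FailureAudit entries returned: $($_.Exception.Message)"
}
```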
