Copyright Goodheart-Willcox Co., Inc. May not be reproduced or posted to a publicly accessible website.

Security Essentials Lab Manual

8. On the next page of the wizard, click the Browse… button. Navigate to and select the Warnings.ps1 script you created previously. Click the Next button to continue in the wizard.

9. Click the Finish button to end the wizard and create the task.

10. Right-click on the Application log, and click Save All Events As… in the shortcut menu. Change the file type to CSV, and save the file as ApplicationLog in your working folder.

11. Open the CSV file in Excel, and format it for better display. Save the file in Excel format. What are some benefits of saving the log in Excel format?

____________________________________________________________

12. Return to PowerShell or PowerShell ISE.

13. Show all the event logs on the computer in list format using the get-eventlog -list cmdlet. Create and save a screenshot.

14. Show the content of the System event log. Pipe the output to the more cmdlet using the syntax, get-eventlog -logname system | out-host. Take note of some of the instance IDs. Create and save a screenshot. Everything in the log will be listed, so it may take a few seconds to load.

____________________________________________________________

15. Using the same cmdlet, retrieve the events for one of the instance IDs you saw in the output of the previous command. Enter and run the syntax, get-eventlog -logname system -instanceID X. In this syntax, X represents the instance ID you retrieved. Create and save a screenshot.

16. Using the same command, show only the last 10 events that appeared. To do this, replace -instanceID with -newest 10. How many unique instance IDs appeared?

____________________________________________________________

[Figure: wizard page with the callouts "Script to run" and "Click to locate the file." Goodheart-Willcox Publisher]
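The following script is an added example, not part of the lab manual. It shows one way to answer the step 16 question from the console and to save the result for Excel as in steps 10 and 11. The function name Get-InstanceIdSummary and the output file name SystemInstanceIds.csv are hypothetical, and the script assumes Windows PowerShell 5.1, where get-eventlog is available.

```powershell
# Added example (not from the lab manual).
# Groups the newest entries of an event log by instance ID so that
# recurring events stand out from one-off events.
function Get-InstanceIdSummary {
    param(
        [string]$LogName = 'System',   # log to read, as in steps 14-16
        [int]$Newest = 10              # number of most recent entries
    )

    Get-EventLog -LogName $LogName -Newest $Newest |
        Group-Object -Property InstanceId |
        ForEach-Object {
            # Most recent entry within this instance ID group
            $latest = $_.Group |
                Sort-Object -Property TimeGenerated -Descending |
                Select-Object -First 1

            [pscustomobject]@{
                InstanceId = $_.Name
                Count      = $_.Count
                Sources    = ($_.Group.Source | Sort-Object -Unique) -join ', '
                EntryTypes = ($_.Group.EntryType | Sort-Object -Unique) -join ', '
                LastSeen   = $latest.TimeGenerated
            }
        } |
        Sort-Object -Property Count -Descending
}

# @() keeps the result an array even when only one instance ID is present,
# so .Count is always the number of unique instance IDs.
$summary = @(Get-InstanceIdSummary -LogName System -Newest 10)

$summary | Format-Table -AutoSize
"Unique instance IDs in the newest 10 entries: $($summary.Count)"

# Save the summary as CSV in the current folder so it can be opened in Excel.
$summary | Export-Csv -Path .\SystemInstanceIds.csv -NoTypeInformation
```

Raising -Newest to a few hundred entries makes the Count column useful for spotting a warning or error that repeats on a schedule.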