Lab Question :

1 ) Nazri is a technical officer of All Technologies SDN BHD, he suspected someone has been used his computer and he want to check whether true or not. He using windows 7 Ultimate Edition. How can you help him? Please give detail step.


Nazri can check for logged events on his computer to see whether or not someone has been using his computer.

  1. Toggle open Windows Logs on the left pane.

  2. Left-Click on “System,” and then look for the right-sidebar option to “Filter Current Log.” This allows you to isolate down to specific events, event types, and times.

  3. In the “Logged” dropdown, select “Custom range...” and then “Events on” in the drop-down menu to narrow the search window to when you think your machine was accessed. Select OK. 

  4. From here, you can hit OK to simply browse all events—or you can filter by specific event IDs or task categories.

 

Generally speaking, he won’t understand what most of these events mean, and that’s ok. What’s more important is whether a ton of events appear during a time when his computer was powered off. If so, it’s possible it might have been used—he can also check by clicking on “Applications and Service Logs” in the left-hand sidebar, and then Microsoft > Windows > Diagnostics-Performance > Operational. From there, he can look for Event IDs 100 and 200 to see when his system powered up or shut down.


















2) Azam using UniMAP computer library. Suddenly, he get this error. What are he trying to do? Any idea to solve this problem?

Azam was trying to open the Windows Task Manager and the error shows up because since he is using UniMAP’s computer library it means that he does not have the permission to do open that.This problem only occurs if he is using the University’s computer and not his own as the administrator has the permission to block standard user from opening certain programs so that students can’t mess with the computer.In order to fix this problem Azam need to contact UniMAP’s librarian or its Administrator in order to get the user Administrator permisson so that he can use the Windows Task Manager properly.
Log in your computer with the administrator account.

Locate your external hard drive. It could be in the folder named Computer/My computer/This PC different Windows operating systems.

Right-click on your external hard drive. Then click Properties.







On Properties windows, view on Security tab and click Advanced. Then tap on Owner panel and click Edit.







Choose the user you want to set as the owner of the file. Then check on Replace owner on subcontainers and objects. Click Apply > OK to save the settings.














3) “top” is not recognized as an internal or external command, operable program or batch file.” Zafirah try to get show process on terminal but get an error message. Why this happen? How to use this command?

Navigate to "My Computer", right click

Click on "Properties",

Select "Advanced",

Then choose "Environment Variables",

highpoint the "Path" variable,

click "Edit",

Then, add the path right before the "Variable value" field, separated by a semicolon from the already present entry.








4) Iskandar is a Windows system administrator sent print screen from his computer. What are information he provided. What type of operating system that he used? What type of command line he used?


Viewing object structure

· Windows powershell






















5) Follow the instruction and explain the result

On the keyboard: Ctrl + Alt + t

- It opens a new tab on browser.

ii) Type: less /proc/cpuinfo (answer with screenshots).


What is FPU and PAE

FPU : A floating-point unit (FPU, colloquially a math coprocessor) is a part of a computer system specially designed to carry out operations on floating-point numbers.[1] Typical operations are addition, subtraction, multiplication, division, and square root.

PAE: In computing, Physical Address Extension (PAE), sometimes referred to as Page Address Extension,[1] is a memory management feature for the x86 architecture.





6) Lisa open terminal and type “lscpu”. That actually she what to do?






It is a command to show our CPU inside the laptop or computer.










7) “dmesg | grep -i usb”. Please brief detail about the information given.(answer with screenshots).




dmesg command also called as “driver message” or “display message” is used to examine the kernel ring buffer and print the message buffer of kernel.



Search Detected Device.



It’s difficult to search particular string due to length of dmesg output. So, filter the lines with are having string like ‘usb‘, ‘dma‘, ‘tty‘ and ‘memory‘ etc. The ‘-i’ option instruct to grep command to ignore the case (upper or lower case letters).






8) Which is the core of the operating system?

a) Shell

b) Kernel

c) Commands

d) Scrip

Answer :

- B ( kernel )


Comments

Post a Comment