Apply Your Knowledge


Exercises

15.1. Checking for unsigned drivers

This exercise demonstrates how to determine whether there are any unsigned drivers on your computer. We accomplish this in two ways: by using File Signature Verification and by using driverquery.exe.

Estimated Time: 10 minutes

1.

Select the Start menu, click Run, and in the Open dialog box type sigverif.

2.

You want to perform the default verification, so click Start to begin the file checking. Wait while the verification program runs.

3.

Review the listing of unsigned drivers. Determine the source of the drivers.

4.

(Optional) Browse the website of the manufacturer of the device for which the unsigned drivers were loaded. See if any signed drivers exist for the devices in question.

5.

Open a command prompt.

6.

Enter driverquery /? and review the help information.

7.

Enter driverquery /fo table /s <computername> /si to show a list of loaded drivers on the computer.

8.

Enter driverquery /fo csv /s <computername> /si >c:\dr.csv to write a comma-separated values table of loaded drivers on the computer to the file c:\dr.csv.

9.

(Optional) Run a spreadsheet program or a database program and load the output from step 8. Consider how a database of driver information for each of the servers in your network might be useful.

15.2. Determining the DMA channels in use

This exercise demonstrates how to determine what DMA channels are in use on your computer. We'll use Device Manager.

Estimated Time: 5 minutes

1.

To start Device Manager, right-click My Computer and choose Manage.

2.

In the Explorer pane, click Device Manager.

3.

In the View menu, choose Resources by Type.

4.

Click the plus sign beside Direct Memory Access (DMA).

5.

Review the channels in use on your computer.

Exam Questions

1.

You have been asked whether an older computer will operate properly with Windows Server 2003. What feature of the computer must be present for device resource settings to be assigned automatically by Windows Server 2003?

A.

APM

B.

SFC

C.

ACPI

D.

PnP


2.

After installing a new driver for a printer, you find that it is not functioning properly, and you decide to return to the previous driver. What procedure(s) will give you the desired results?

A.

Uninstall the printer and then start again with the most recent functioning driver you can find.

B.

Use Device Manager to invoke Driver Roll Back.

C.

Run Driver Roll Back from Administrative Tools.

D.

On the Advanced tab of the printer's Properties dialog box, choose New Driver and use Have Disk to select the source of the previous driver.


3.

A colleague has sent you a new driver for your server's RAID controller, which he says makes the drives it controls run more efficiently. You want to ensure that the driver is from a reputable source. How do you do that?

A.

Look for the driver on the manufacturer's website.

B.

Run Windows File Protection to determine the creator of the driver.

C.

Run sigverif.exe, and on the Advanced tab, choose to search on *.sys files in the folder where you saved the driver.

D.

Run driverquery with the /fo csv switch against the folder where you saved the file.


4.

You are the administrator of a small network. You use Group Policy to limit what the users can do on their workstations. What action should you take to warn users about unsigned drivers, but not block the installation?

A.

Put the warning in the company policy manual and distribute it via email.

B.

Configure the driver signing policy for Notify When Installing Unsigned Drivers.

C.

Configure the driver signing policy for Warn When Installing Unsigned Drivers.

D.

Configure the driver signing policy for Alert When Installing Unsigned Drivers.


5.

You are the administrator of a small network. One of your junior administrators calls and says she is having a problem with one of the modems in the remote access servers. You go look at the server and open Device Manager. You notice that the entry for the modem has a question mark with a red X. What action should you take to correct this problem?

A.

Use Device Manager to enable the device.

B.

Reinstall the drivers for the device.

C.

Reassign the resources for the device.

D.

Nothing. The device is not compatible with Windows Server 2003.


6.

You are having problems getting some of the specialized hardware devices in a new server to work properly with Windows Server 2003, after installing the hardware and downloading the drivers from the Internet. You call Microsoft support, and the first thing that they ask you is whether you are using any unsigned drivers. What is the easiest way to find this out?

A.

Run sigverif.exe with the default options.

B.

Run sigverif.exe with the advanced options.

C.

Run driverquery with the /fo csv switch.

D.

Run driverquery with the /fo cvs switch.


7.

One of your junior administrators inadvertently installed an older application on one of your Windows Server 2003 servers that overwrote some of the system DLLs. Fortunately, Windows Server 2003 comes with the Windows File Protection feature so that the system files are automatically replaced with the correct ones. Unfortunately, WFP can't seem to find the necessary files in the %systemroot%\system32\dllcache folder. Where can you obtain the proper files?

A.

Windows Update

B.

Windows service packs

C.

Windows Server 2003 CD-ROM

D.

Hotfix distributions


8.

You are building a new print server using Windows Server 2003. All the printer drivers have loaded successfully except for an older Windows NT driver that may or may not be supported on Windows Server 2003. What utility should you use to troubleshoot this driver problem?

A.

Device Manager

B.

Computer Management

C.

Printers applet

D.

Printers and Faxes applet


9.

You are the network administrator for Skelly Inc. All network servers run Windows Server 2003, and all client computers run Windows XP Professional.

Several users report that they cannot access a server named FileSrv1. First, you verify that the network adapter on FileSrv1 has the correct driver installed. Then, you open Device Manager on FileSrv1. You see a red X by the network adapter entry.

Now you need to use Device Manager to restore network connectivity on FileSrv1. What should you do?

A.

You must enable the network adapter.

B.

You need to change the network adapter IRQ setting.

C.

You have to change the network adapter's IP address.

D.

Adjust the link speed of the network adapter to match the link speed of the network.

E.

Resolve all possible hardware conflicts between the network adapter and the unknown device.


10.

You are the administrator of a Windows Server 2003 computer named FilePrt1. There is a driver conflict on FilePrt1. You suspect that an unsigned driver has been installed for one of the hardware devices. You need to locate any unsigned drives. What should you do?

A.

Use the advanced options of the File Signature Verification tool to scan the contents of the Systemroot\System32 folder and all subfolders.

B.

Run the drivequery / si command, and examine the output.

C.

Use the advanced options of the File Signature Verification tool to scan the contents of the Systemroot\System folder and all subfolders.

D.

Run the ver command.


Answers to Exam Questions

1.

C. ACPI must be present on the computer for Windows Server 2003 to be able to take over the configuration of devices. APM (Advanced Power Management) is a predecessor to ACPI that does not perform automatic configuration as completely as ACPI. SFC (System File Checker) is a tool for scheduling a run of the system files to identify any that are unsigned. PnP (Plug and Play) is a specification that states how devices should identify themselves and respond to configuration commands. See the "Installing and Configuring Hardware Devices" section for more information.

2.

A, D. You must remove the existing driver and install one that you know works. You can do this explicitly, by deleting the printer and reinstalling it, or with the help of the Add Printer Driver Wizard. Device Manager does not function with printer drivers, and Driver Roll Back is not available for printer drivers. See the "Managing Drivers for Printers and Faxes" section for more information.

3.

C. File Signature Verification will inspect the files in the location you specify, and it will tell you if they are unsigned. Looking for the driver on the manufacturer's website is probably safer than using the one your colleague supplied, but a driver you find there may yet be unsigned. Windows File Protection replaces unsigned drivers with signed ones from the dllcache. Running driverquery.exe with the /fo csv switch shows the running driversit does not inspect drivers that are not running. See the "What Drivers Are Running on My Computer?" section for more information.

4.

C. Although distributing the policy via email seems like a good idea, you will need something more reliable. By selecting the Warn option, the user will be instructed that he or she is installing an unsigned driver and will be informed of the potential consequences; however, the user will still be able to install it. The Notify and Alert options do not exist. See the "What Is Driver Signing and Why Should I Care?" section for more information.

5.

B. The icon displayed usually indicates that the drivers are either missing or corrupt. Reinstalling the drivers should correct the problem. See the "Diagnosing and Resolving Issues Related to Hardware Settings" section for more information.

6.

A. Running sigverif.exe with the default options generates a list of all unsigned system files and drivers on the server. Getting similar information from driverquery.exe requires the /si switch. See the "Determining Whether a Computer Has Unsigned Drivers" section for more information.

7.

C. If the desired version of the file is not in the dllcache folder, Windows File Protection asks for the Windows Server 2003 CD-ROM to be mounted, and it copies the files from there. Obtaining the files from Windows Update, a service pack, or a hotfix would be an option only if the required files have been updated, and you have no guarantee that you're installing the proper version. See the "Other Methods for Protecting Device Drivers" section for more information.

8.

D. Neither Device Manager nor any other components of the Computer Management MMC manage device drivers for printers and fax devices. They are managed through the Printers and Faxes applet in Control Panel. The Printers applet does not exist in Windows Server 2003. See the "Managing Drivers for Printers and Faxes" section for more information.

9.

D. The red X indicates that the network card is disabled. The question also mentions that the correct driver is installed. Therefore, enabling the network adapter will render it operational. If the IRQ was wrong, the network adapter would have an exclamation mark in a yellow circle over it. If the IP address was wrong or the link speed was set incorrectly, there would be no indication in Device Manager. If there was a hardware conflict, the network adapter status would be marked with an exclamation mark with a yellow circle over it. See the "Configuring Device Properties and Settings" section for more information.

10.

A. The File Signature Verification tool generates the report of unsigned drivers with the least administrative effort. Using the driverquery command with the si parameter will display the properties of signed drivers, but not the location of unsigned drivers. In Windows Server 2003, Systemroot\System folder is not a protected folder and will not indicate whether the driver is signed. The Ver command is useless unless you specify what you want to verify. See the "Determining Whether a Computer Has Unsigned Drivers" section for more information.

Suggested Readings and Resources

1. OnNow Device Power Management. Microsoft Corporation whitepaper. http://www.microsoft.com/whdc/hwdev/tech/onnow/devicepm.mspx.

2. Windows Server 2003 Deployment Guide. Microsoft Corporation. http://www.microsoft.com/windowsserver2003/techinfo/reskit/deploykit.mspx.

3. Windows Server 2003 Resource Kit. Microsoft Corporation. Look for a link to it on the Technical Resources for Windows Server 2003 page: http://www.microsoft.com/windowsserver2003/techinfo/default.mspx.




MCSA. MCSE 70-290 Exam Prep. Managing and Maintaining a MicrosoftR Windows ServerT 2003 Environment
MCSA/MCSE 70-290 Exam Prep: Managing and Maintaining a Microsoft Windows Server 2003 Environment (2nd Edition)
ISBN: 0789736489
EAN: 2147483647
Year: 2006
Pages: 219
Authors: Lee Scales

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net