Hard · Application · Q9 of 15
PowerShell - System Administration
You need to monitor the Security event log for new audit failure events in real time and trigger a script when such an event occurs. Which approach is best suited for this task?
A. Use Get-WinEvent with -MaxEvents 1 repeatedly
B. Run Get-EventLog in a loop every minute to check for new events
C. Export the Security log daily and parse it manually
D. Use Register-ObjectEvent with Get-WinEvent and a filter for audit failures
Step-by-Step Solution
Solution:
  1. Step 1: Understand real-time event monitoring

    Register-ObjectEvent can subscribe to event log changes and trigger actions immediately.
  2. Step 2: Compare with polling methods

    Polling with loops or repeated commands is less efficient and not real-time.
  3. Final Answer:

    Use Register-ObjectEvent with Get-WinEvent and a filter for audit failures -> Option D
  4. Quick Check:

    Real-time monitoring = Register-ObjectEvent [OK]
Quick Trick: Register-ObjectEvent enables real-time event triggers [OK]
Common Mistakes:
  • Using polling loops instead of event subscriptions
  • Assuming export and manual parsing is real-time
  • Misusing -MaxEvents for monitoring
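
The subscription approach from option D, as an added example that is not part of the original quiz. It assumes the .NET `EventLogWatcher` class as the object handed to `Register-ObjectEvent`, an elevated session that can read the Security log, and a hypothetical response script `C:\Scripts\On-AuditFailure.ps1` with hypothetical parameters.

```powershell
# Added example: react to new Audit Failure records in the Security log
# without polling. Run elevated; the Security log is not readable otherwise.

# XPath filter on the Audit Failure keyword bit
# (0x10000000000000 = 4503599627370496).
$xpath = '*[System[band(Keywords,4503599627370496)]]'

# Check the filter once with Get-WinEvent before subscribing.
Get-WinEvent -LogName Security -FilterXPath $xpath -MaxEvents 5 `
    -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, KeywordsDisplayNames

# Build a watcher over the same query.
$query = [System.Diagnostics.Eventing.Reader.EventLogQuery]::new(
    'Security',
    [System.Diagnostics.Eventing.Reader.PathType]::LogName,
    $xpath)
$watcher = [System.Diagnostics.Eventing.Reader.EventLogWatcher]::new($query)

# Hypothetical script to run per event; path and parameters are assumptions.
$responseScript = 'C:\Scripts\On-AuditFailure.ps1'

$action = {
    $record = $EventArgs.EventRecord
    if ($null -eq $record) {
        # The watcher reports read errors through EventException.
        Write-Warning "Watcher error: $($EventArgs.EventException.Message)"
        return
    }
    # $Event.MessageData carries the script path passed at registration.
    & $Event.MessageData -EventId $record.Id -RecordId $record.RecordId `
        -TimeCreated $record.TimeCreated
}

Register-ObjectEvent -InputObject $watcher -EventName EventRecordWritten `
    -SourceIdentifier 'SecurityAuditFailure' `
    -MessageData $responseScript -Action $action | Out-Null

# Nothing is delivered until the watcher is enabled.
$watcher.Enabled = $true

# Teardown when monitoring is no longer needed:
# $watcher.Enabled = $false
# Unregister-Event -SourceIdentifier 'SecurityAuditFailure'
# $watcher.Dispose()
```

The subscription lives only as long as the PowerShell session that registered it, so run it from a long-lived host such as a scheduled task or service wrapper.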
