Windows 10 (legacy) — Question 30

Your network contains an Active Directory domain. The domain contains 10 computers that run Windows 10.
On a different computer named Computer1, you plan to create a collector-initiated subscription to gather the event logs from the Windows 10 computers.
You need to configure the environment to support the event log collection.
Which two actions should you perform? Each correct answer presents part of the solution.
NOTE: Each correct selection is worth one point.

Answer options

• A. Add Computer1 to the Event Log Readers group on the Windows 10 computers
• B. Add Computer1 to the Event Log Readers group on Computer1
• C. On the Windows 10 computers, change the Startup Type of Windows Event Collector to Automatic
• D. Enable Windows Remote Management (WinRM) on the Windows 10 computers
• E. Enable Windows Remote Management (WinRM) on Computer1

Correct answer: A, D

Explanation

The correct answers are A and D. Adding Computer1 to the Event Log Readers group on the Windows 10 computers allows it to access the event logs, while enabling Windows Remote Management (WinRM) on those computers is necessary for remote log collection. Options B, C, and E are incorrect because they do not properly address the access requirements for event log reading or the necessary configuration for log collection from multiple machines.