| < Free Open Study > |
|
The following questions will help you measure your understanding of the material presented in this chapter. Read all the choices carefully, as there may be more than one correct answer. Choose all correct answers for each question.
1. | Which of the following is NOT a rule that can be assigned to a load evaluator?
|
|
2. | Which load evaluator is assigned to MetaFrame servers during their installation?
|
|
3. | You have baselined your servers using Performance Monitor. You have determined that the maximum number of users you can support on your hardware is 45. Above 45 users and performance starts to decline dramatically. You have created a new load evaluator based on Server User Load. What should you set the Server User Load threshold at?
|
|
4. | You have two MetaFrame XPa servers load balancing a common desktop. During the middle of the workday, server number 2 crashes. How will this affect the users currently logged on to server number 2?
|
|
5. | What evaluator is assigned to published applications by default?
|
|
6. | You wish to create a load evaluator that will monitor active sessions on your server. You also wish to limit the number of sessions to 50. Which of the following answers will allow you to do this? ýChoose all that apply.)
|
|
7. | The advanced evaluator monitors which of the following rules? ýChoose all that apply.)
|
|
8. | You have published a load-balanced desktop across three MetaFrame servers on your network using the default parameters for both the servers and the application. After tracking the performance of your servers, you notice that while each server has the same number of active sessions, two of the servers are underutilized, but the remaining server is running at almost 100 percent utilization. What adjustments can be made to remedy this problem? ýSelect the best answer.)
|
|
9. | After creating a new load evaluator which of the following is true? ýChoose all that apply.)
|
|
10. | You have just created a new load evaluator and assigned it to several servers in your farm. You wish to view the activity for the rules within the load evaluator. Which utility would you use to do this?
|
|
Answers
1. | þ D is the correct answer. Specified Users is not a valid rule for a load evaluator. ý A, B, and C are incorrect because they are valid load evaluator rules. |
2. | þ B is correct. The default evaluator is assigned at installation. ý A, C, and D are incorrect. A is a valid evaluator, but not assigned by default. Since the default evaluator is assigned at installation, C and D are also incorrect. |
3. | þ C is the correct answer. You should never set the value for a threshold at the maximum a server can handle. ý A is incorrect, since we are not setting it at its maximum. B is incorrect since it is above the maximum. C is also incorrect, since you should change this to reflect your environment. |
4. | þ B is correct. Load balancing is not like clustering. Any unsaved work will be lost, and the users will not be able to re-establish a connection to their previous sessions. ý This makes A, C, and D incorrect. |
5. | þ D is correct. No evaluator is assigned to published applications by default. ý A, B, and C are incorrect, since no load evaluator is assigned to published applications by default. |
6. | þ A and C are correct. The default evaluator monitors only Server User Load. This evaluator can be copied, or a new one created to monitor the same rule. Setting the threshold to 50 will limit the number of active sessions to 50. ý B is incorrect, since the advanced evaluator does not monitor Server User Load, and D is incorrect, since Application User Load will only monitor the number of specific sessions running a specific application, not the entire number of sessions on the server. |
7. | þ A, C, and D are correct. The advanced evaluator monitors CPU Utilization, Page Swaps, and Memory Usage. ý B is incorrect, since Page Faults is not monitored. |
8. | þ C is correct. Assigning the advanced evaluator to the server will make the evaluators take hardware usage into consideration instead of straight user load. ý A is incorrect because the default evaluator cannot be edited. B is incorrect because, while this may work, it is easier to create a single evaluator for all three servers than it is to create and manage three separate evaluators. D is incorrect because this will limit the number of logons to the server but does not affect the load-balancing mechanism. |
9. | þ A, B, C, and D are all correct. |
10. | þ D is correct. To view the activity of the load evaluator, you must select the server it is assigned to and view the Load Manager Monitor. ý A is incorrect because these show which evaluators are assigned to applications and servers, but not their activity. B is incorrect because it also does not show activity, and C is incorrect because this utility does not exist in the Load Evaluators node. |
11. | Which of the following describes public key-private key encryption? ýChoose all that apply.)
|
|
12. | You have several types of client Operating Systems on your network. They include Windows 98, Windows 2000, DOS, Linux x86, and Sun Solaris 2.7 ýUnix). All clients use Citrix MetaFrame to host user applications. You are considering enabling encryption on your Citrix servers and forcing a minimum level of 128 bits for every connection. What effect will this have on your client connections? ýChoose all that apply.)
|
|
13. | Which of the following is true about Citrix encryption? ýChoose all that apply.)
|
|
14. | During the key negotiation algorithm, a symmetric key is generated. This key is how many bits long?
|
|
15. | Which of the following is encrypted during an ICA session? ýChoose all that apply.)
|
|
16. | You wish to require that every connection made to your MetaFrame server be encrypted at a minimum level of 128 bits. Which utility would you use to prevent users from connecting to your server without 128-bit encryption enabled?
|
|
17. | When implementing NFuse, you wish to ensure that your user credentials are passed securely across the Internet when using the NFuse Web site. What should you use to secure these passwords?
|
|
18. | While troubleshooting a client connection problem with NFuse, you notice that the ICA file the client is being downloaded has the username and domain name in clear text. You are then able to cut and paste this into other ICA files and use this user's login several times. How can you configure the NFuse Web site so these credentials are more secure?
|
|
19. | The SSL Relay Configuration is used to secure what communication path?
|
|
20. | What is the default location for the key store in the SSL Relay Configuration?
|
|
Answers
11. | þ B and C are correct. Public key-private key encryption uses two keys. The public key used to encrypt data can be distributed freely. The private key must be kept secure, since it is used to decrypt the data. ý A is incorrect because a single key algorithm is called symmetric key encryption. D is incorrect because symmetric key encryption is faster than public key-private key encryption. |
12. | þ A, C, and D are correct. Windows 98 and Windows 2000 both use the Citrix Win32 client, which does support encryption. The Linux x86 client also supports encryption and will be able to connect. The Sun Solaris systems use a Unix client, which does not support ICA encryption. ý B is incorrect, since the DOS client does support ICA encryption. |
13. | þ A, B, and D are correct. The Diffie-Hellman, public key-private key, and key agreement algorithm is used at logon to create a new symmetric key for each session. Both the Netscape Plug-in and Internet Explorer ActiveX control support ICA encryption. ý C is incorrect, since MetaFrame supports only 40-, 56-, and 128-bit encryption. |
14. | þ D is the correct answer. The algorithm establishes a 1024-bit key at each login, but only the first 256 bits of the key is used. ý A, B, and C are incorrect. |
15. | þ A, B, C, and D are all correct. These are all encrypted in the ICA session. |
16. | þ B is correct. Using Citrix Connection Configuration, you can configure the required encryption for every connection. A user connecting without the required encryption level will not be allowed to log on ý A is incorrect because while you can configure it for each application individually, this, by itself, does not stop a user from connecting to a specific server without encryption. C is incorrect because there are no encryption settings within Citrix server Administration, and D is incorrect because the SSL Relay Configuration configures SSL encryption for NFuse. |
17. | þ B is correct. In order to secure browser to Web server security, you will need to set up SSL encryption for your NFuse Web pages. ý A is incorrect, since the SSL Relay Configuration does not configure client-side SSL. C is incorrect because ICA encryption does not protect passwords entered into an NFuse Web site. D is incorrect, since the passwords are passed to the Web server in clear text when not using SSL. |
18. | þ B is correct. Ticketing will encrypt the domain name and password and replace them with a 'ticket.' This ticket is only good for one use or 200 seconds. ý A is incorrect because the data store has no ticketing function. C is incorrect, since the SSL Relay has nothing to do with ticketing. D is incorrect because this is used to secure the client username and password when transmitted to the Web server. |
19. | þ C is correct. The SSL Relay is used to encrypt the XML communication between the Web server and the MetaFrame server. ý A is incorrect because this is handled by RC5 ICA encryption. B is incorrect because this communication does not require external encryption. And D is incorrect, since SSL on the Web server is used for browser to Web server communication. |
20. | þ D is correct. This is the default location for the key store. ý A, B, and C are incorrect directories for the default location. |
| < Free Open Study > |
|