Self Test

 < Free Open Study > 



The following questions will help you measure your understanding of the material presented in this chapter. Read all the choices carefully, as there may be more than one correct answer. Choose all correct answers for each question.

Analyzing Load with Load Manager

1. 

Which of the following is NOT a rule that can be assigned to a load evaluator?

  1. Server User Load

  2. Application User Load

  3. Disk Data I/O

  4. Specified Users

 d is the correct answer. specified users is not a valid rule for a load evaluator. a, b, and c are incorrect because they are valid load evaluator rules.

2. 

Which load evaluator is assigned to MetaFrame servers during their installation?

  1. The advanced evaluator.

  2. The default evaluator.

  3. No evaluator is assigned.

  4. A Custom evaluator defined by the administrator.

 b is correct. the default evaluator is assigned at installation. a, c, and d are incorrect. a is a valid evaluator, but not assigned by default. since the default evaluator is assigned at installation, c and d are also incorrect.

3. 

You have baselined your servers using Performance Monitor. You have determined that the maximum number of users you can support on your hardware is 45. Above 45 users and performance starts to decline dramatically. You have created a new load evaluator based on Server User Load. What should you set the Server User Load threshold at?

  1. 45, the number of users the server can host.

  2. 47 to 50 to allow room for growth.

  3. 43 to 44, a little less than the maximum.

  4. 100. You should never change the default value.

 c is the correct answer. you should never set the value for a threshold at the maximum a server can handle. a is incorrect, since we are not setting it at its maximum. b is incorrect since it is above the maximum. c is also incorrect, since you should change this to reflect your environment.

4. 

You have two MetaFrame XPa servers load balancing a common desktop. During the middle of the workday, server number 2 crashes. How will this affect the users currently logged on to server number 2?

  1. No effect to the end users. User sessions will fail over to the first server.

  2. The users will lose their current unsaved work but will be able to reconnect to the first server.

  3. The end user will be disconnected from server 2, but when they are reconnected to server 1, they will reconnect right where they left off.

  4. The end users will be disconnected from server 2, but once it is rebooted, they will be able to reconnect to it and continue working with no loss of data.

 b is correct. load balancing is not like clustering. any unsaved work will be lost, and the users will not be able to re-establish a connection to their previous sessions. this makes a , c, and d incorrect.

5. 

What evaluator is assigned to published applications by default?

  1. The advanced evaluator if it is an application and not a published desktop.

  2. The default evaluator if it is a published desktop.

  3. The application evaluator.

  4. No evaluator is assigned to published applications by default.

 d is correct. no evaluator is assigned to published applications by default. a, b, and c are incorrect, since no load evaluator is assigned to published applications by default.

6. 

You wish to create a load evaluator that will monitor active sessions on your server. You also wish to limit the number of sessions to 50. Which of the following answers will allow you to do this? ýChoose all that apply.)

  1. Copy the default evaluator and change the threshold settings.

  2. Copy the advanced evaluator and change the threshold settings.

  3. Create a new evaluator using only the Server User Load rule and set its threshold at 50.

  4. Create a new evaluator using only the Application User Load rule and set its value at 50.

 a and c are correct. the default evaluator monitors only server user load. this evaluator can be copied, or a new one created to monitor the same rule. setting the threshold to 50 will limit the number of active sessions to 50. b is incorrect, since the advanced evaluator does not monitor server user load, and d is incorrect, since application user load will only monitor the number of specific sessions running a specific application, not the entire number of sessions on the server.

7. 

The advanced evaluator monitors which of the following rules? ýChoose all that apply.)

  1. CPU Utilization

  2. Page Faults

  3. Page Swaps

  4. Memory Usage

 a, c, and d are correct. the advanced evaluator monitors cpu utilization, page swaps, and memory usage. b is incorrect, since page faults is not monitored.

8. 

You have published a load-balanced desktop across three MetaFrame servers on your network using the default parameters for both the servers and the application. After tracking the performance of your servers, you notice that while each server has the same number of active sessions, two of the servers are underutilized, but the remaining server is running at almost 100 percent utilization. What adjustments can be made to remedy this problem? ýSelect the best answer.)

  1. Change the default evaluator on each server to handle the appropriate number of active sessions.

  2. Create a new evaluator that better reflects the number of users each server can handle; then assign them appropriately.

  3. Assign the advanced evaluator to each server so that only the hardware utilization is analyzed and not the User Load.

  4. Configure each server's connection settings to limit the number of active sessions to what you feel the server can handle.

 c is correct. assigning the advanced evaluator to the server will make the evaluators take hardware usage into consideration instead of straight user load. a is incorrect because the default evaluator cannot be edited. b is incorrect because, while this may work, it is easier to create a single evaluator for all three servers than it is to create and manage three separate evaluators. d is incorrect because this will limit the number of logons to the server but does not affect the load-balancing mechanism.

9. 

After creating a new load evaluator which of the following is true? ýChoose all that apply.)

  1. The load evaluator can remain unused

  2. The load evaluator can be assigned to a server

  3. The load evaluator can be assigned to a published application

  4. The load evaluator can be assigned to every server in the farm

 a , b , c , and d are all correct.

10. 

You have just created a new load evaluator and assigned it to several servers in your farm. You wish to view the activity for the rules within the load evaluator. Which utility would you use to do this?

  1. Load evaluator usage reports.

  2. Load evaluator status reports.

  3. Load Manager Monitor in the Load Evaluators node.

  4. Load Manager Monitor from the server you wish to view.

 d is correct. to view the activity of the load evaluator, you must select the server it is assigned to and view the load manager monitor. a is incorrect because these show which evaluators are assigned to applications and servers, but not their activity. b is incorrect because it also does not show activity, and c is incorrect because this utility does not exist in the load evaluators node.

Answers

1. 

þ D is the correct answer. Specified Users is not a valid rule for a load evaluator.

ý A, B, and C are incorrect because they are valid load evaluator rules.

2. 

þ B is correct. The default evaluator is assigned at installation.

ý A, C, and D are incorrect. A is a valid evaluator, but not assigned by default. Since the default evaluator is assigned at installation, C and D are also incorrect.

3. 

þ C is the correct answer. You should never set the value for a threshold at the maximum a server can handle.

ý A is incorrect, since we are not setting it at its maximum. B is incorrect since it is above the maximum. C is also incorrect, since you should change this to reflect your environment.

4. 

þ B is correct. Load balancing is not like clustering. Any unsaved work will be lost, and the users will not be able to re-establish a connection to their previous sessions.

ý This makes A, C, and D incorrect.

5. 

þ D is correct. No evaluator is assigned to published applications by default.

ý A, B, and C are incorrect, since no load evaluator is assigned to published applications by default.

6. 

þ A and C are correct. The default evaluator monitors only Server User Load. This evaluator can be copied, or a new one created to monitor the same rule. Setting the threshold to 50 will limit the number of active sessions to 50.

ý B is incorrect, since the advanced evaluator does not monitor Server User Load, and D is incorrect, since Application User Load will only monitor the number of specific sessions running a specific application, not the entire number of sessions on the server.

7. 

þ A, C, and D are correct. The advanced evaluator monitors CPU Utilization, Page Swaps, and Memory Usage.

ý B is incorrect, since Page Faults is not monitored.

8. 

þ C is correct. Assigning the advanced evaluator to the server will make the evaluators take hardware usage into consideration instead of straight user load.

ý A is incorrect because the default evaluator cannot be edited. B is incorrect because, while this may work, it is easier to create a single evaluator for all three servers than it is to create and manage three separate evaluators. D is incorrect because this will limit the number of logons to the server but does not affect the load-balancing mechanism.

9. 

þ A, B, C, and D are all correct.

10. 

þ D is correct. To view the activity of the load evaluator, you must select the server it is assigned to and view the Load Manager Monitor.

ý A is incorrect because these show which evaluators are assigned to applications and servers, but not their activity. B is incorrect because it also does not show activity, and C is incorrect because this utility does not exist in the Load Evaluators node.

Identifying Encryption Strengths and Performance

11. 

Which of the following describes public key-private key encryption? ýChoose all that apply.)

  1. A single key is used to encrypt and decrypt data.

  2. The private key must be kept secret.

  3. The public key can be distributed freely.

  4. It is faster than symmetric key encryption.

 b and c are correct. public key-private key encryption uses two keys. the public key used to encrypt data can be distributed freely. the private key must be kept secure, since it is used to decrypt the data. a is incorrect because a single key algorithm is called symmetric key encryption. d is incorrect because symmetric key encryption is faster than public key-private key encryption.

12. 

You have several types of client Operating Systems on your network. They include Windows 98, Windows 2000, DOS, Linux x86, and Sun Solaris 2.7 ýUnix). All clients use Citrix MetaFrame to host user applications. You are considering enabling encryption on your Citrix servers and forcing a minimum level of 128 bits for every connection. What effect will this have on your client connections? ýChoose all that apply.)

  1. Windows 98 and Windows 2000 clients will be able to connect to the encryption sessions.

  2. DOS clients will not be able to connect because they do not support encryption.

  3. The Linux clients will be able to connect to the encryption sessions.

  4. The Sun Solaris clients will not be able to connect using encryption.

 a, c, and d are correct. windows 98 and windows 2000 both use the citrix win32 client, which does support encryption. the linux x86 client also supports encryption and will be able to connect. the sun solaris systems use a unix client, which does not support ica encryption. b is incorrect, since the dos client does support ica encryption.

13. 

Which of the following is true about Citrix encryption? ýChoose all that apply.)

  1. A new symmetric key is generated for every client connection.

  2. A public key-private key algorithm is used to generate the symmetric key at login.

  3. MetaFrame supports 40-, 56-, 128-, and 168-bit encryption levels.

  4. Both Web clients support encryption.

 a, b, and d are correct. the diffie-hellman, public key-private key, and key agreement algorithm is used at logon to create a new symmetric key for each session. both the netscape plug-in and internet explorer activex control support ica encryption. c is incorrect, since metaframe supports only 40-, 56-, and 128-bit encryption.

14. 

During the key negotiation algorithm, a symmetric key is generated. This key is how many bits long?

  1. 128 bits

  2. 256 bits

  3. 512 bits

  4. 1024 bits

 d is the correct answer. the algorithm establishes a 1024-bit key at each login, but only the first 256 bits of the key is used. a , b, and c are incorrect.

15. 

Which of the following is encrypted during an ICA session? ýChoose all that apply.)

  1. Client drive information

  2. Client printer data

  3. Video updates and graphic information

  4. Key strokes and mouse movement

 a , b, c , and d are all correct. these are all encrypted in the ica session.

16. 

You wish to require that every connection made to your MetaFrame server be encrypted at a minimum level of 128 bits. Which utility would you use to prevent users from connecting to your server without 128-bit encryption enabled?

  1. The Citrix Management Console

  2. Citrix Connection Configuration

  3. Citrix Server Administration

  4. Citrix SSL Relay Configuration

 b is correct. using citrix connection configuration, you can configure the required encryption for every connection. a user connecting without the required encryption level will not be allowed to log on a is incorrect because while you can configure it for each application individually, this, by itself, does not stop a user from connecting to a specific server without encryption. c is incorrect because there are no encryption settings within citrix server administration, and d is incorrect because the ssl relay configuration configures ssl encryption for nfuse.

17. 

When implementing NFuse, you wish to ensure that your user credentials are passed securely across the Internet when using the NFuse Web site. What should you use to secure these passwords?

  1. Use the SSL Relay Configuration tool to configure SSL encryption for client to Web server communication.

  2. Configure SSL on your Web server and require that the NFuse pages use encryption.

  3. Configure ICA encryption at the connection level. This will encrypt the user logon.

  4. Nothing. The passwords are sent securely by default.

 b is correct. in order to secure browser to web server security, you will need to set up ssl encryption for your nfuse web pages. a is incorrect, since the ssl relay configuration does not configure client-side ssl. c is incorrect because ica encryption does not protect passwords entered into an nfuse web site. d is incorrect, since the passwords are passed to the web server in clear text when not using ssl.

18. 

While troubleshooting a client connection problem with NFuse, you notice that the ICA file the client is being downloaded has the username and domain name in clear text. You are then able to cut and paste this into other ICA files and use this user's login several times. How can you configure the NFuse Web site so these credentials are more secure?

  1. Enable ticketing on the MetaFrame XP data store.

  2. Enable ticketing on the NFuse Web pages.

  3. Configure and enable the SSL Relay.

  4. Configure SSL on the Web server.

 b is correct. ticketing will encrypt the domain name and password and replace them with a ticket. this ticket is only good for one use or 200 seconds. a is incorrect because the data store has no ticketing function. c is incorrect, since the ssl relay has nothing to do with ticketing. d is incorrect because this is used to secure the client username and password when transmitted to the web server.

19. 

The SSL Relay Configuration is used to secure what communication path?

  1. Communication between the client and the MetaFrame server.

  2. Communication between the data collector and the MetaFrame server.

  3. Communication between the NFuse Web server and the MetaFrame server.

  4. Communication between the client and the Web server.

 c is correct. the ssl relay is used to encrypt the xml communication between the web server and the metaframe server. a is incorrect because this is handled by rc5 ica encryption. b is incorrect because this communication does not require external encryption. and d is incorrect, since ssl on the web server is used for browser to web server communication.

20. 

What is the default location for the key store in the SSL Relay Configuration?

  1. Program Files\Citrix\IMA\SSLRelay\Keystore

  2. %SYSTEMROOT%\Keystore

  3. %SYSTEMDRIVE%\Keystore

  4. %SYSTEMROOT%\SSLRelay\Keystore

 d is correct. this is the default location for the key store. a, b, and c are incorrect directories for the default location.

Answers

11. 

þ B and C are correct. Public key-private key encryption uses two keys. The public key used to encrypt data can be distributed freely. The private key must be kept secure, since it is used to decrypt the data.

ý A is incorrect because a single key algorithm is called symmetric key encryption. D is incorrect because symmetric key encryption is faster than public key-private key encryption.

12. 

þ A, C, and D are correct. Windows 98 and Windows 2000 both use the Citrix Win32 client, which does support encryption. The Linux x86 client also supports encryption and will be able to connect. The Sun Solaris systems use a Unix client, which does not support ICA encryption.

ý B is incorrect, since the DOS client does support ICA encryption.

13. 

þ A, B, and D are correct. The Diffie-Hellman, public key-private key, and key agreement algorithm is used at logon to create a new symmetric key for each session. Both the Netscape Plug-in and Internet Explorer ActiveX control support ICA encryption.

ý C is incorrect, since MetaFrame supports only 40-, 56-, and 128-bit encryption.

14. 

þ D is the correct answer. The algorithm establishes a 1024-bit key at each login, but only the first 256 bits of the key is used.

ý A, B, and C are incorrect.

15. 

þ A, B, C, and D are all correct. These are all encrypted in the ICA session.

16. 

þ B is correct. Using Citrix Connection Configuration, you can configure the required encryption for every connection. A user connecting without the required encryption level will not be allowed to log on

ý A is incorrect because while you can configure it for each application individually, this, by itself, does not stop a user from connecting to a specific server without encryption. C is incorrect because there are no encryption settings within Citrix server Administration, and D is incorrect because the SSL Relay Configuration configures SSL encryption for NFuse.

17. 

þ B is correct. In order to secure browser to Web server security, you will need to set up SSL encryption for your NFuse Web pages.

ý A is incorrect, since the SSL Relay Configuration does not configure client-side SSL. C is incorrect because ICA encryption does not protect passwords entered into an NFuse Web site. D is incorrect, since the passwords are passed to the Web server in clear text when not using SSL.

18. 

þ B is correct. Ticketing will encrypt the domain name and password and replace them with a 'ticket.' This ticket is only good for one use or 200 seconds.

ý A is incorrect because the data store has no ticketing function. C is incorrect, since the SSL Relay has nothing to do with ticketing. D is incorrect because this is used to secure the client username and password when transmitted to the Web server.

19. 

þ C is correct. The SSL Relay is used to encrypt the XML communication between the Web server and the MetaFrame server.

ý A is incorrect because this is handled by RC5 ICA encryption. B is incorrect because this communication does not require external encryption. And D is incorrect, since SSL on the Web server is used for browser to Web server communication.

20. 

þ D is correct. This is the default location for the key store.

ý A, B, and C are incorrect directories for the default location.



 < Free Open Study > 



CCA Citrix MetaFrame XP for Windows Administrator Study Guide Exam 70-220
CCA Citrix MetaFrame XP for Windows Administrator Study Guide (Exam 70-220)
ISBN: 0072193190
EAN: 2147483647
Year: 2001
Pages: 169

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net