1Y0-327 - Citrix Password Manager 4.5: Administration
Go back to Citrix
Which two components are required to configure data integrity assurance? (Choose two.)
Data Integrity Module
Password Manager Service
You are managing the network. One of your administrators is configuring a Windows application definition and only a few of the Control ID fields are recognized. How can the administrator complete the configuration of the application definition?
Go into the Action Editor and specify special keyboard actions for the remaining fields
A user is manually adding a logon form for a web-based application through Logon Manager. The application is not included in the predefined list. Which two steps must the user perform before the user ID and password can be stored? (Choose two.)
Enter the address into the URL-http:// field.
Enter the name of the application.
When a doctor is in the office, the doctor uses an Active Directory password to authenticate to the agent machine. The doctor then moves to the patient bedside and logs into an agent machine with a smart card. For this scenario, what is true about key recovery?
It is only performed the first time the doctor logs on with a new authentication method.
You work as a network engineer at . One of your administrators created an application definition for a web site. Users in the environment begin to complain that every time they log off from this web site, Password Manager logs them back on immediately. As a short term solution, users are resolving the problem by closing their browsers. This is not convenient because the browser is published on Presentation Server and each time users close their browsers, they must restart their sessions. When editing the application definition, which step should an administrator take to resolve the problem?
Enable the process only the first logon for this application option
You work as a network engineer at . One of your administrators installs the Password Manager Service and implements data integrity in an environment where the central store data is required to be digitally signed. Which information must the administrator provide when configuring the Password Manager Service?
The address and port number of the server hosting the Password Manager Service
What is the purpose of application groups?
To group applications that share a common password policy
When an NTFS Network Share is used as the central store, on which server should the file share be located?
A server in the same domain as the Password Manager agent software
You work as a network engineer at . One of your administrators in an environment with multiple operating systems is considering the implementation of the Hot Desktop feature. On which two operating systems can the administrator install Hot Desktop? (Choose two.)
Microsoft Windows XP Embedded
Microsoft Windows XP Professional (32-bit)
In which location is the disconnected mode period for the licensing model configured?
User configurations node in the Password Manager Console
Where should the Password Manager agent software be installed?
On the same computer where the enabled single sign-on applications run
You work as a network engineer at . One of your administrators created an application definition and wants to test the password change for the application. Everything is working until the administrator selects "Create Your Own Password" in the Password Change Wizard. The administrator types "111" and confirms the password. The application returns a message that the password is not accepted because a minimum of 8 characters, including letters and numbers is required. Which two steps can an administrator complete in order to solve this problem? (Choose two.)
Verify that the password policy for this application requires 8 characters, including letters and numbers.
Verify that the correct password policy was assigned to this application definition within the user configuration.
is implementing Citrix Password Manager and management gives the Network Administrator a list of tasks to accomplish. Which of these specifications requires that the administrator configure question-based authentication?
Users must be able to securely unlock their own Windows accounts.
A large, international bottling company deployed and used Citrix Password Manager successfully in all of its worldwide offices for the past six months. This deployment includes the Account Self-Service feature, with a policy that the question-based authentication questionnaire should be changed every six months. After the Citrix Administrator changes the questionnaire, which statement describes the user experience?
The next time users log in, they will be prompted by the Password Manager Registration Wizard to complete the questionnaire.
You are managing the network. One of your administrators of an enterprise is configuring password sharing groups in an effort to reduce the number of calls placed to the help desk for resetting passwords. Which statement regarding the configuration of password sharing groups in an environment is true?
They allow the Password Manager agent software to manage the password for all the applications in the group as a single entity.
You work as a network engineer at . One of your administrators just created a web application definition using the Password Manager Console and deployed it on systems running the agent software. In which two .INI files are the configurations stored? (Choose two.)
Which two steps must be completed in order to implement Account Self-Service? (Choose two.)
Configure a data proxy account for the Password Manager Service.
Install a trusted Password Manager Service certificate authority path on the agent software.
You work as a network engineer at . One of your administrators creates and processes the necessary provisioning file using the Provisioning Wizard in the Password Manager Console. Which statement best describes the provisioning process that will follow?
The provisioning service will store individual provisioning items encrypted in the user's portion of the central store. When the user next logs in, the Password Manager agent software will take the provisioning items and create the Logon Definitions.
To enable data integrity on a central store with pre-existing data that has never been signed, the administrator must _____ before _____. (Fill in the blanks with the correct pair of options.)
sign the data with the signing tool; enabling data integrity on the console
Which two elements are used by the agent software to recognize a web application? (Choose two.)
You work as a network engineer at . One of your administrators discovers that many users are including the company name in their passwords. In accordance with best practice, which rules should an administrator use to prevent users from including a specific word in their passwords?
Password Exclusion Rules
Which two object types are used together to manage password expiration? (Choose two.)
What are two justifications for using an NTFS shared folder as the central store in an environment that has Active Directory implemented? (Choose two.)
This helps reduce the authentication task workload from the Active Directory environment.
Administrators do not need to extend the Active Directory schema.
You work as a network engineer at . One of your administrators configured an application definition for a "New CRM Database" Windows application. The administrator tested the application on a computer that had the Citrix Password Manager agent software installed. The agent software correctly detected and submitted credentials for the application. Now the administrator is configuring a second form for this application definition to allow Password Manager to recognize and interact with the Change Password window for this application. When the administrator reached the "Identify form" step, he noticed the following window title for the change password form of the application: "Change Password - 10:30PM", where the time represents real time. How can the administrator configure this change password form so that it is recognized by Password Manager?
Manually add the window title of 'Change Password - *'
You work as a network engineer at . One of your administrators creates an application definition for a host-based application. The administrator adds the host application definition to an application group in a user configuration. The administrator starts the agent software on a workstation and then starts the host-based application, but the agent software does not respond. Which step can the administrator use to troubleshoot this problem?
Verify that the host emulator setting has been enabled within the user configuration
You work as a network engineer at . One of your administrators is planning an implementation of Password Manager 4.5. The administrator recently obtained a new software with a custom graphical identification and authentication (GINA) DLL that needs to be deployed to users in the Drafting department. Which two statements are true about installing the agent software for this environment? (Choose two.)
Administrator privileges are required during installation because the Citrix Password Manager agent software adds a GINA to the client device.
The software that uses a custom GINA should be installed before the Citrix Password Manager agent software in order to preserve proper GINA chaining.
When configuring a host application, how can the administrator configure the definition to submit an "Enter" before submitting credentials to the host?
Type "@E" into the "Keys before" setting in the console.
purchases 99 named user licenses for Citrix Password Manager Advanced Edition. The administrator installs the license file and launches the License Management Console to ensure that the license file is properly installed. The administrator also sets up the Citrix Password Manager environment and launches the Password agent software. When the agent software starts, the following error message is displayed: "Cannot acquire a license. The required license is not installed. Citrix Password Manager Agent is disabled." Which two misconfigurations for the user configuration could be the possible cause of this problem? (Choose two.)
Wrong license model setting
Wrong edition level setting
Which two statements regarding the central store are true? (Choose two.)
An NTFS network share central store has the same level of functionality as an Active Directory central store without extending the Active Directory schema.
An administrator can start with an NTFS network share as the central store and later migrate to an Active Directory central store.
The signing tool uses the _____ to sign the data on the central data store and the _____ to verify the data on the central data store. (Fill in the blanks with the correct pair of options.)
You work as a network engineer at . One of your administrators wants to create a password policy for the Finance group. This policy will ensure that passwords are eight characters in length, with at least one uppercase and one numeric character. In addition, only two retries will be allowed for an incorrect password, and users will be forced to re-authenticate before submitting application credentials. Which three controls will allow the administrator to create a password policy to meet the requirements of this scenario? (Choose three.)
Numeric Character Rules
Basic Password Rules
Which action can an administrator take to disable data integrity on a central store containing pre-existing data that is signed?
Use the CTXSIGNDATA -u command prompt
Which user account requires rights and privileges to manage communication among the central store, automatic key recovery, and the Self-Service module?
Which statement about application definitions is true?
They allow the agent software to supply credentials to applications.
During the setup of a user configuration, an administrator chooses the previously used password key recovery method. The administrator changed a user's primary password because the user could not remember his password. What will happen the first time the user tries to launch the Password Manager agent software after his password has been changed?
The user will be prompted to enter their previous password.
Which statement regarding the disabling of security questions and subsequent user verification using a previous password is true?
When users forget their primary password, they will be locked out of Password Manager for security purposes and must re-enroll their secondary credentials.
You work as a network engineer at . One of your administrators is configuring a Windows application definition for an application that does not have a Windows title. What should the administrator specify as the Windows title?
When creating an application definition for a host-based application, in which .INI file should the host emulator program be defined?
When installing the Password Manager Service, which type of certificate is required for SSL communication?
What are two best practices for creating security questions? (Choose two.)
Require multiple questions to be answered by the users
Choose questions where the answers will remain the same over time
Which two features of the Password Manager agent software require the location of the Password Manager Service to be specified during agent software installation? (Choose two.)
Which statement is true regarding the Password Manager Self-Service Registration Wizard?
If a user closes the wizard without entering any information, the wizard will appear when the agent software is restarted.
Which two steps must an administrator take to implement certificate-based smart cards with a Password Manager deployment? (Choose two.)
Install smart card software before installing the agent software
Within the user configuration, enable the "Smart Card Certificate" data protection method
You work as a network engineer at . One of your administrators configured the Hot Desktop feature for an environment so that Microsoft Excel resides in the transient process list and Wordpad resides in the persistent process list. User1 logs on to a Hot Desktop session and launches Microsoft Excel, Wordpad, PowerPoint, and Word. User1 logs off and User2 logs on. Which application will still be running when User2 logs on?
When creating a Windows application definition, which identification feature provides anti-phishing protection for the application?
Identify Form >> Secure Path
A Citrix Administrator who is planning a large Password Manager deployment, decides to include the Account Self-Service feature and let users choose between their previous primary password and question-based authentication questionnaire after a primary password change. Which two steps are required to implement this? (Choose two.)
Choose Account Self-Service as part of the Password Manager Service and agent software installations.
When creating a user configuration, enable either or both of the Account Self-Service features, and choose a key recovery method of "Previous Password or Security Questions."
Which two criteria should a server meet before the Password Manager Service is installed? (Choose two.)
It should be in a physically secure location.
It should have a valid server certificate.
You work as a network engineer at . One of your administrators, creating a password policy for the Marketing group, wants to ensure that passwords are six to eight characters in length, with no repeated characters. In addition, when a password change is requested, users will be required to create a new password. Which two controls will allow the administrator to create the password policy to meet the requirements of this scenario? (Choose two.)
Customize Password Change Wizard
Basic Password Rules
Which two options can be configured using the Password Policy Wizard? (Choose two.)
Which user account needs rights and privileges to manage passwords for every user in the domain?