2024年最新の認定サンプル問題2V0-51.23問題集と練習試験合格させます [Q36-Q60]

2024年最新の認定サンプル問題2V0-51.23問題集と練習試験合格させます

2V0-51.23豪華セット学習ガイドにはオンライン試験エンジン

質問 # 36
Drag and drop each Desktop Persistence type on the left to its matching description on the right.

正解：

解説：

質問 # 37
Which storage product allows the pooling of resources to create datastores in a software defined datacenter?

A. VMware vSAN
B. VMware HCI Mesh
C. VMware VMFS
D. VMware Storage I/O Control

正解：A

解説：
Explanation
VMware vSAN is a storage product that allows the pooling of resources to create datastores in a software defined datacenter. VMware vSAN is a hyper-converged infrastructure solution that integrates compute, storage, and networking resources on industry-standard x86 servers. VMware vSAN aggregates local or direct-attached data storage devices to create a single storage pool shared across all hosts in the vSAN cluster.
VMware vSAN enables you to provision and manage storage from the VMware vSphere Web Client or the VMware vCenter Server Appliance Shell. VMware vSAN provides several benefits, such as lower total cost of ownership, simplified management, high performance, scalability, and availability12. References := 1:
VMware Horizon 8 Documentation: VMware vSAN Overview 2: VMware Horizon 8 Documentation: Benefits of Using VMware vSAN with Horizon 8

質問 # 38
Drag and drop the TLS Configuration steps on the left into the correct sequential order on the right.

正解：

解説：

Explanation
To correctly sequence the TLS Certificate Configuration Steps:
Get a new signed TLS certificate from a CA.Before making any modifications or importing the certificate, you'll first need to obtain a new signed TLS certificate from a Certificate Authority (CA). So, this should beStep 1.
Import the TLS certificate into the Windows local computer certificate store.After obtaining the new signed TLS certificate, the next logical step is to import this certificate into the Windows local computer certificate store. This would beStep 2.
Modify the certificates/ friendly names to vdm and reflect the current active certificate.Once the certificate is imported, the next step is to modify its friendly names to ensure the Horizon Service recognizes and uses this certificate. This becomesStep 3.
Restart Horizon Service.Finally, after all the modifications and configurations are done, you should restart the Horizon Service to apply the changes. This isStep 4.
In summary:

質問 # 39
Refer to the exhibit.
Drag and drop the ports on the left to allow an external Blast Extreme connection through Unified Access Gateway (UAG) into the diagram on the right.

正解：

解説：

Explanation:

質問 # 40
An administrator needs to upgrade a Unified Access Gateway (UAG) appliance. The UAG is connected to a load balancer with other UAGs and has existing sessions.
Which option provided allows minimal downtime for maintenance?

A. Power off the UAG appliance.
B. Enable Quiesce Mode in the UAG Admin UI.
C. Remove the Horizon Connection Server thumbprint in the UAG Admin UI.
D. Suspend the UAG appliance.

正解：B

解説：
Enabling Quiesce Mode in the Unified Access Gateway (UAG) Admin UI is the recommended approach for minimizing downtime during maintenance or upgrades when the UAG is part of a load-balanced cluster.
Quiesce Mode allows the UAG to stop accepting new connections while allowing existing sessions to continue until they naturally end. This ensures minimal disruption to users and allows for a controlled upgrade process.

質問 # 41
Refer to the exhibit.
Drag and drop the correct options to build a Simple True 5SO Architecture on the left into the diagram on the right.

正解：

解説：

Explanation:

SAML -> Connects the client to Workspace ONE Access
Certificate Authority -> Issues certificates for vrm and Enrollment Server Connection Server -> Connects vrm to Active Directory Enrollment Server -> Connects Workspace ONE Access to vrm You can find more information about the Simple True 5SO Architecture in the VMware Horizon 8.x Professional source documents or study guide1. This architecture is a simplified version of the True SSO Architecture, which allows users to log in to their virtual desktops and applications without entering credentials multiple times. The Simple True 5SO Architecture uses Workspace ONE Access as the identity provider, which authenticates users with SAML and issues SAML assertions. The Enrollment Server then uses the SAML assertions to request short-lived certificates from the Certificate Authority, which are used to authenticate users to the Connection Server. The Connection Server then connects users to their virtual desktops and applications through vrm, which is integrated with Active Directory2.
References:
VMware Horizon 8.x Professional
Simple True SSO Architecture

質問 # 42
Which two of the following are features of VMware Horizon Agent for Linux? (Choose two.)

A. display protocol PCoIP
B. USB redirection
C. session collaboration
D. location based printing
E. installation registration requirement

正解：A、B

質問 # 43
Which are the required permissions an administrator must assign to the user account for instant-clone operations in Active Directory before creating instant-clone desktop pools? (Choose three.)

A. Create and Delete Computer Objects
B. Read and Write All Properties
C. Create and Delete Child objects
D. Modify Owner
E. List contents
F. Write to service principal names

正解：A、B、C

解説：
For instant-clone operations in Active Directory, the user account used by VMware Horizon needs specific permissions to manage computer objects effectively. These include the ability to create and delete child objects and computer objects, as well as read and write all properties of those objects. These permissions ensure that Horizon can create, modify, and clean up computer accounts associated with instant clones, facilitating seamless desktop provisioning and management.

質問 # 44
A senior Horizon administrator is tasked with enabling two-factor authentication for other Horizon administrators to login to the Horizon Console.
Which option will the administrator use that supports two-factor authentication?

A. SAML
B. Smart Card Authentication
C. RADIUS
D. RSA SecureID

正解：C

解説：
RADIUS (Remote Authentication Dial-In User Service) supports two-factor authentication and can be integrated with VMware Horizon to secure administrative access to the Horizon Console. RADIUS servers authenticate users based on a combination of something they know (a password) and something they have (a token or mobile app-generated code), providing an added layer of security for administrative logins.

質問 # 45
The administrator of Windows 10 desktops in a VMware Horizon environment needs to build a new Windows
10 desktop pool. This new pool will be dedicated to training and onboarding new employees. The administrator has created a shortcut on a test machine, which has successfully opened the web browser to the on-boarding applications. After deploying the new desktop pool across the company, the administrator notices that the shortcut placed on desktops is not available to any other user connecting to the desktop pool.
Which two options are available for the administrator to make this shortcut available to all desktop pool users, while minimizing ongoing administrative effort, before updating the desktop pool golden image? (Choose two.)

A. Copy the shortcut to c:\users\Public\Desktop.
B. Copy the shortcut to the Windows Default Domain Controller Policy.
C. Configure a Shortcut with DEM (Dynamic Environment Manager).
D. Copy the shortcut during user provisioning to a non-writeable App Volume.
E. Configure a Shortcut with Horizon View Client.

正解：A、C

解説：
Explanation
The two options that are available for the administrator to make the shortcut available to all desktop pool users, while minimizing ongoing administrative effort, before updating the desktop pool golden image are:
Copy the shortcut to c:\users\Public\Desktop. This option will place the shortcut in the public desktop folder, which is shared by all users who log on to the same computer. The public desktop folder is normally a hidden folder, so the administrator needs to enable the option to show hidden files and folders in File Explorer1. This option does not require any additional software or configuration, but it will only work for the existing desktops in the pool. If new desktops are added or refreshed, the shortcut will not be copied automatically.
Configure a Shortcut with DEM (Dynamic Environment Manager). This option will use the DEM console to create a shortcut configuration that will apply the shortcut to the user's desktop during logon2. The administrator needs to install and configure DEM on the Horizon environment, and create a configuration share and a profile archive share for storing the DEM settings3. This option requires more initial setup, but it will work for any desktop in the pool, regardless of whether it is new or refreshed. It also allows more flexibility and control over the shortcut properties and conditions.
The other options are not valid or feasible because:
Copying the shortcut during user provisioning to a non-writeable App Volume will not work because App Volumes are used to deliver applications, not shortcuts. App Volumes are virtual disks that are attached to the virtual machines at runtime, and they contain application files, registry entries, and settings4. Copying a shortcut to an App Volume will not make it appear on the user's desktop.
Copying the shortcut to the Windows Default Domain Controller Policy will not work because this policy is used to configure settings for domain controllers, not desktops. The Default Domain Controller Policy is a Group Policy Object (GPO) that is linked to the Domain Controllers organizational unit (OU) in Active Directory, and it contains security settings that are applied to all domain controllers in the domain5. Copying a shortcut to this policy will not affect any desktops in the Horizon environment.
Configuring a Shortcut with Horizon View Client will not work because Horizon View Client is used to connect to remote desktops and applications, not to create shortcuts. Horizon View Client is a software application that runs on various devices and platforms, and it allows users to access their virtual desktops and applications through a secure connection6. Configuring a shortcut with Horizon View Client will not make it appear on the user's desktop.
References:
How to make a desktop shortcut available for all users in Windows 101
VMware Dynamic Environment Manager (DEM) 2306 - Carl Stalhood2
VMware Tech Zone Antivirus Considerations in a VMware Horizon Environment: exclusions for Horizon View, App Volumes, User Environment Manager, ThinApp3 App Volumes Overview Default Domain Controller Policy5 VMware Horizon Clients Documentation6

質問 # 46
What is the effect of changing any VMware Blast policy that cannot be changed in real time?

A. VMware Tools services is restarted by Microsoft GPO Update service.
B. Horizon Client detects the change and prompts the user to reboot once every 480 seconds.
C. VMware Tools detects the change and immediately applies the new setting within 480 seconds.
D. Microsoft GPO update rules apply and GPOs are updated manually or by restarting the Horizon Agent.

正解：D

解説：
Explanation
VMware Blast policy settings are stored in the registry key HKLM\Software\Policies\VMware, Inc.\VMware Blast\Config on the remote desktops or RDS hosts that use the VMware Blast display protocol. These settings can be configured by using the VMware Blast ADMX template file (vdm_blast.admx) and applying it through Microsoft Group Policy Object (GPO). Some of these settings can be changed in real time, which means that they take effect immediately after the policy is applied, without requiring a reboot or a reconnection of the Horizon Client. However, some of these settings cannot be changed in real time, which means that they require a reboot or a reconnection of the Horizon Client to take effect.
The effect of changing any VMware Blast policy that cannot be changed in real time is that the Microsoft GPO update rules apply and GPOs are updated manually or by restarting the Horizon Agent. This means that the new policy settings will not be applied until one of the following events occurs:
The Horizon Agent service is restarted on the remote desktop or RDS host. This can be done manually by using the Services console or the command-line tool sc.exe, or automatically by using a scheduled task or a script.
The remote desktop or RDS host is rebooted. This can be done manually by using the Restart option in Windows, or automatically by using a scheduled task or a script.
The Group Policy refresh interval is reached. This is a configurable time interval that determines how often the system checks for and applies new or changed GPOs. By default, this interval is 90 minutes for domain members and 5 minutes for domain controllers, with a random offset of 0 to 30 minutes. This interval can be modified by using the Group Policy refresh interval for computers setting in the ComputerConfiguration\Administrative Templates\System\Group Policy folder of the Group Policy Management Console.
Therefore, to ensure that the VMware Blast policy settings that cannot be changed in real time are applied as soon as possible, it is recommended to restart the Horizon Agent service or reboot the remote desktop or RDS host after applying the policy.
References: VMware Blast Policy Settings, Group Policy refresh intervals, and [VMware Horizon 8.x Professional Course]

質問 # 47
An administrator is tasked with configuring VMware Integrated Printing. They enabled the VMware Integrated Printing feature during the installation of the Horizon Agent in the golden image, and created a Test Desktop Pool. On a physical end-point where the Horizon Client already is installed, the administrator added multiple network printers which are working perfectly. They test the configuration by connecting to the Horizon Desktop with the Horizon Client, unfortunately they do not see the printers within their Horizon Desktop.
What could be the reason that the administrator is not seeing the printers within his Horizon Desktop session?

A. The VMware Integrated Printing feature is not installed in the Horizon Client.
B. Port TCP 32111 is disabled.
C. Printing is disabled in the Horizon Desktop Pool.
D. Port TCP 9427 is disabled.

正解：C

解説：
Explanation
One of the possible reasons that the administrator is not seeing the printers within his Horizon Desktop session is that printing is disabled in the Horizon Desktop Pool. Printing is a feature that allows users to print from a remote desktop to any local or network printer available on their client device. Printing can be enabled or disabled for each desktop pool by using the VMware Integrated Printing feature.
VMware Integrated Printing is a feature that supports client printer redirection, location-based printing, and persistent print settings. Client printer redirection enables users to print from a remote desktop to any local or network printer available on their client device. Location-based printing enables users to print to network printers that are physically near their client device. Persistent print settings enable users to retain their print settings across sessions.
To enable or disable printing for a desktop pool, the administrator needs to follow these steps:
In Horizon Console, select Inventory > Desktops.
Select the desktop pool and click Edit.
In the Edit Desktop Pool dialog box, select the VMware Integrated Printing tab.
Select or clear the Enable VMware Integrated Printing check box.
Click OK.
If printing is disabled for a desktop pool, users will not see any printers within their Horizon Desktop session, even if they have installed the VMware Integrated Printing feature in the Horizon Agent and the Horizon Client. Therefore, to resolve this issue, the administrator needs to enable printing for the desktop pool by selecting the Enable VMware Integrated Printing check box.
The other options are not likely to be the reason that the administrator is not seeing the printers within his Horizon Desktop session:
Port TCP 9427 is disabled: This port is used by the VMware Integrated Printing feature for communication between the Horizon Agent and the Horizon Client. If this port is disabled, users might experience printing errors or delays, but they should still see the printers within their Horizon Desktop session.
The VMware Integrated Printing feature is not installed in the Horizon Client: This feature is installed by default in the Horizon Client for Windows, Mac, Linux, Chrome, and HTML Access. If this feature is not installed in the Horizon Client, users might not be able to print from their remote desktops, but they should still see the printers within their Horizon Desktop session.
Port TCP 32111 is disabled: This port is used by ThinPrint for communication between the Horizon Agent and the ThinPrint Client. ThinPrint is a legacy printing feature that has been replaced by VMware Integrated Printing. If this port is disabled, users might experience printing errors or delays with ThinPrint, but they should still see the printers within their Horizon Desktop session if they use VMware Integrated Printing.
References: Configuring VMware Integrated Printing, Enable or Disable Printing for a Desktop Pool, and
[VMware Horizon 8.x Professional Course]

質問 # 48
Which pre-requisite should be met before installing the Horizon Connection Server?

A. An SSL server certificate must be installed on the Horizon Connection Server.
B. Use a domain user account with administrator privileges on the Horizon Connection Server.
C. Install AD DS and AD LDS Tools on the Horizon Connection Server.
D. The host system must be a vSphere VM with a static IP address.

正解：B

解説：
Explanation
One of the prerequisites for installing the Horizon Connection Server is to use a domain user account with administrator privileges on the system. This is because the installer needs to access and modify certain system files and registry settings, as well as create and configure the VMware Horizon View services. The installer also authorizes an Administrators account that has full administration rights for the Horizon environment, including the right to install replicated Connection Server instances. The other options are not prerequisites for installing the Horizon Connection Server. The host system can be a physical or virtual machine, but it must have an IP address that does not change. An SSL server certificate is not required for the initial installation, but it is recommended to replace the default self-signed certificate with a valid certificate from a trusted CA after the installation. AD DS and AD LDS Tools are not required for installing the Horizon Connection Server, but they can be useful for troubleshooting and managing the ADAMdatabase that stores the Horizon configuration data. References: Installation Prerequisites for Horizon Connection Server and [VMware Horizon 8.x Professional Course]

質問 # 49
An administrator is preparing to upgrade Horizon Connection Servers in parallel.
What action must first be performed to ensure that there are no issues with Horizon LDAP replication within the Pod?

A. Execute ViewDBChk.cmd --scanMachines.
B. Execute vdmexport.exe -f Myexport.lDF.
C. Execute repadmin.exe/showrepl localhost:389.
D. Execute vdmadmin.exe -S.

正解：C

解説：
Explanation
The action that must first be performed to ensure that there are no issues with Horizon LDAP replication within the Pod is to execute repadmin.exe/showrepl localhost:389. This command will display the replication status of the local Connection Server instance and show any errors or warnings that might affect the replication process1. The administrator should run this command on each Connection Server instance in the Pod before upgrading them in parallel, and resolve any issues that are reported.
The other options are not valid or feasible because:
Executing ViewDBChk.cmd --scanMachines will not check the Horizon LDAP replication status, but rather scan the vCenter Server inventory for virtual machines that are managed by Horizon and report any inconsistencies or errors2. This command is useful for troubleshooting virtual machine issues, but not for verifying LDAP replication.
Executing vdmexport.exe -f Myexport.lDF will not check the Horizon LDAP replication status, but rather export the Horizon LDAP configuration data to a file named Myexport.lDF3. This command is useful for backing up or restoring the Horizon LDAP data, but not for verifying LDAP replication.
Executing vdmadmin.exe -S will not check the Horizon LDAP replication status, but rather display the health status of the Connection Server instances in the Pod4. This command is useful for monitoring the Connection Server performance and availability, but not for verifying LDAP replication.
References:
Repadmin Examples1
ViewDBChk Tool2
Back Up Horizon Configuration Data3
Display Health Status Information4

質問 # 50
An administrator has been tasked with determining the type of VMware Horizon deployment for their organization.
These requirements have been provided to the administrator:
* It must support Windows 10 Enterprise multi-session desktops.
* It must support App Volumes.
* It must support centralized brokering.
* It must automatically route end-users to the most appropriate virtual workspace.
Which deployment solution meets the requirements?

A. VMware vSphere Desktop Edition
B. VMware Horizon Cloud on Microsoft Azure
C. VMware Horizon On-Premises
D. VMware Workspace ONE Unified Endpoint Management

正解：B

解説：
VMware Horizon Cloud on Microsoft Azure is the only deployment solution that meets all the requirements. VMware Horizon Cloud on Microsoft Azure supports Windows 10 Enterprise multi-session desktops, which are a new Remote Desktop Session Host exclusive to Azure Virtual Desktop on Azure1. It also supports App Volumes, which is a real-time application delivery system that enables IT to instantly provision applications to users or desktops. VMware Horizon Cloud on Microsoft Azure supports centralized brokering, which means that the Horizon Cloud Service acts as a single point of entry for end users to access their virtual desktops and applications. VMware Horizon Cloud on Microsoft Azure also supports automatic routing of end-users to the most appropriate virtual workspace, using the Universal Broker feature. Universal Broker is a cloud-based brokering service that provides a unified user experience across multiple Horizon pods and clouds.
VMware vSphere Desktop Edition does not support Windows 10 Enterprise multi-session desktops, as they are only available on Azure Virtual Desktop1. VMware Workspace ONE Unified Endpoint Management does not support App Volumes, as it is a different solution for managing devices and applications. VMware Horizon On-Premises does not support automatic routing of end-users to the most appropriate virtual workspace, as it requires manual configuration of load balancing and global entitlements. References:
Profile production applications in Azure with Application Insights Profiler1 Using Application Profiler - VMware Docs2 First look at profiling tools - Visual Studio (Windows)3 App Volumes Overview Horizon Cloud Service on Microsoft Azure Architecture Universal Broker Overview Workspace ONE UEM Overview Load Balancing Across Pods and Sites in a Cloud Pod Architecture Environment

質問 # 51
Drag and drop the Anywhere Workspace components on the left to their respective function on the right.

正解：

解説：

Explanation:
A screenshot of a computer program Description automatically generated

VMware Horizon is designed to deliver a virtual desktop and application infrastructure, providing IT with a modern, streamlined approach to deliver, protect, and manage Windows and Linux virtual desktops and applications while containing costs and ensuring that end users can work anytime, anywhere, on any device.
Horizon 8 supports flexible hybrid and multi-cloud deployment options and offers an optimized experience with unified communication and collaboration tools. The VMware Blast Extreme Protocol, included with Horizon 8, is a dynamic display protocol that delivers an immersive, feature-rich user experience across devices, locations, media, and network connections.
VMware Workspace ONE UEM (Unified Endpoint Management) is crucial for ensuring that end-user devices comply with an organization's IT policies. It manages and secures endpoints like smartphones, tablets, laptops, and desktops, streamlining operational tasks for IT while ensuring corporate data security.
VMware Workspace ONE Access facilitates secure and simplified access to enterprise applications, providing single sign-on capabilities and conditional access based on user authentication. This ensures that users can access the resources they need efficiently while maintaining the security of the organization's data and applications.
References:
For more information on VMware Horizon 8 and its capabilities, you can refer to VMware's official documentation and resources available at techzone.vmware.com, which provides a comprehensive overview of Horizon 8, including its architecture, components, and deployment scenarios.
Detailed insights into VMware Workspace ONE UEM and Workspace ONE Access can be found within VMware's product documentation and techzone resources, which offer guidance on implementing and managing these solutions as part of the Anywhere Workspace ecosystem.

質問 # 52
Where are exclusions specified for Writable Volumes to prevent App Volumes from persisting specific data between sessions?

A. config.ini
B. svservice.log
C. json.cfg
D. snapvol.cfg

正解：D

解説：
Writable Volumes are user-specific virtual disks that store user-installed applications, data, and settings. App Volumes is a real-time application delivery system that uses Writable Volumes to deliver applications that are not multi-user aware. However, sometimes it might be necessary to prevent App Volumes from persisting specific data between sessions, such as temporary files, application updates, or registry keys. To do this, administrators can specify exclusions for Writable Volumes in a policy file called snapvol.cfg.
The snapvol.cfg file is a text file that contains policy settings for App Volumes. These settings determine which files and registry keys are captured or excluded by App Volumes. The snapvol.cfg file can be customized by administrators to suit different needs and scenarios. The snapvol.cfg file can be applied to both application packages and Writable Volumes.
To specify exclusions for Writable Volumes, administrators can use the following keywords in the snapvol.cfg file:
exclude_uwv_file: This keyword excludes a file or folder path from being persisted on a Writable Volume. For example, exclude_uwv_file=\Program Files (x86)\Notepad++ excludes the folder location of Notepad++ from being overwritten during an update.
exclude_uwv_reg: This keyword excludes a registry key or value from being persisted on a Writable Volume. For example, exclude_uwv_reg=\REGISTRY\MACHINE\SOFTWARE\Notepad++ excludes the registry location of Notepad++ from being overwritten during an update.
The snapvol.cfg file must be uploaded to the Writable Volume by using the Update Writable Volumes feature in App Volumes Manager. The exclusions will take effect after the user logs off and logs back in to the desktop.
The other options are not valid files for specifying exclusions for Writable Volumes:
config.ini: This file is used to configure the App Volumes agent settings, such as the App Volumes Manager address, the logging level, and the SSL certificate validation.
svservice.log: This file is used to record the App Volumes agent log messages, such as the agent status, the package attachment, and the error messages.
json.cfg: This file does not exist in App Volumes.
References: Writable Volume Exclusions, Policy Files (snapvol.cfg) in App Volumes, and [VMware Horizon
8.x Professional Course]

質問 # 53
An administrator configured a virtual machine to use an NVIDIA card but the virtual machine is not starting up.
What could be the cause of the issue? (Choose two.)

A. Not all CPU has been reserved on the VM.
B. 3D graphics cannot be used with local storage.
C. Not all memory has been reserved on the VM.
D. The Desktop Pool doesn't support 3D cards.
E. No suitable host could be found.

正解：C、E

解説：
When configuring a virtual machine to use an NVIDIA graphics card, issues such as the VM not starting can occur if there is no suitable host available that meets the requirements for 3D graphics, or if not all memory required by the 3D graphics card has been reserved for the VM. Ensuring that the host has the necessary 3D graphics capabilities and that the VM is configured with reserved memory can resolve these issues.

質問 # 54
What are two Cloud Pod Architecture feature limitations? (Choose two.)

A. The Cloud Pod Architecture feature is not supported in an IPv6 environment.
B. Cloud Pod Architecture cannot span multiple sites and data centers simultaneously.
C. Kiosk mode clients are not supported unless a workaround has been implemented.
D. Cloud Pod Architecture is not supported with Unified Access Gateway appliances.
E. Cloud Pod Architecture does not support Active Directory two-way trusts between domains.

正解：C、E

解説：
Explanation
Cloud Pod Architecture is a feature that allows administrators to link multiple Horizon pods across sites and data centers to form a single logical entity called a pod federation. Cloud Pod Architecture enables global entitlements, which allow users to access desktops and applications from any pod in the pod federation. Cloud Pod Architecture also provides load balancing, high availability, and disaster recovery capabilities for Horizon deployments.
However, Cloud Pod Architecture has some feature limitations that administrators should be aware of. Two of these limitations are:
Cloud Pod Architecture does not support Active Directory two-way trusts between domains: This means that the domains that contain the Horizon pods in the pod federation must have a one-way trust relationship, where the domain that contains the Cloud Pod Architecture home site trusts all the other domains, but not vice versa. A two-way trust relationship, where each domain trusts and is trusted by all the other domains, is not supported by Cloud Pod Architecture and can cause authentication and entitlement issues.
Kiosk mode clients are not supported unless a workaround has been implemented: This means that users who log in to Horizon Client in kiosk mode, which is a mode that allows users to access a single desktop or application without entering credentials, cannot access desktops or applications from a Cloud Pod Architecture implementation. Kiosk mode clients are not compatible with global entitlements and load balancing features of Cloud Pod Architecture. However, there is a workaround that involves creating a dedicated user account and a dedicated desktop pool for each kiosk mode client and using a script to launch Horizon Client with the appropriate parameters. For instructions, see VMware Knowledge Base (KB) article 21488881.
The other options are not limitations of Cloud Pod Architecture:
Cloud Pod Architecture is supported with Unified Access Gateway appliances: Unified Access Gateway is a platform that provides secure edge services for Horizon deployments, such as secure remote access, load balancing, and authentication. Unified Access Gateway is compatible with Cloud Pod Architecture and can be configured to route user requests to the appropriate pod in the pod federation based on global entitlements and load balancing policies.
Cloud Pod Architecture can span multiple sites and data centers simultaneously: This is one of the main benefits of Cloud Pod Architecture, as it allows administrators to scale up and out their Horizon deployments across different geographic locations and network boundaries. Cloud Pod Architecture can support up to 15 pods per pod federation andup to 5 sites per pod federation, with a maximum of
200,000 sessions per pod federation.
The Cloud Pod Architecture feature is supported in an IPv6 environment: IPv6 is the latest version of the Internet Protocol that provides a larger address space and enhanced security features for network communication. Cloud Pod Architecture supports IPv6 environments and can operate in mixed IPv4 and IPv6 environments as well.
References: Cloud Pod Architecture Limitations in Horizon 8 and [VMware Horizon 8.x Professional Course]

質問 # 55
Drag and drop the TLS Configuration steps on the left into the correct sequential order on the right.

正解：

解説：

Explanation:
To correctly sequence the TLS Certificate Configuration Steps:
Get a new signed TLS certificate from a CA. Before making any modifications or importing the certificate, you'll first need to obtain a new signed TLS certificate from a Certificate Authority (CA). So, this should be Step 1.
Import the TLS certificate into the Windows local computer certificate store. After obtaining the new signed TLS certificate, the next logical step is to import this certificate into the Windows local computer certificate store. This would be Step 2.
Modify the certificates/ friendly names to vdm and reflect the current active certificate. Once the certificate is imported, the next step is to modify its friendly names to ensure the Horizon Service recognizes and uses this certificate. This becomes Step 3.
Restart Horizon Service. Finally, after all the modifications and configurations are done, you should restart the Horizon Service to apply the changes. This is Step 4.
In summary:

質問 # 56
A junior-level Horizon administrator is not able to see all RDS farms.
Where would a high-level administrator need to make changes to correct the issue?

A. Global Entitlements
B. Category Folder
C. Global Policies
D. Access Groups

正解：D

解説：
Access groups are a way of organizing and delegating the administration of machines, desktop pools, application pools, and farms in Horizon. By default, all these objects reside in the root access group, which appears as / or Root (/) in Horizon Console. A high-level administrator can create sub-access groups under the root access group and assign different permissions to different administrators for each access group. For example, a high-level administrator can create an access group called RDS Farms and assign the Inventory Administrators role to a junior-level administrator for that access group. This way, the junior-level administrator can see and manage all the RDS farms that are in the RDS Farms access group, but not the ones that are in other access groups or the root access group. Therefore, to correct the issue of a junior-level administrator not being able to see all RDS farms, a high-level administrator needs to make changes to the access groups and the permissions associated with them. References: Understanding Permissions and Access Groups and [VMware Horizon 8.x Professional Course]

質問 # 57
Drag and drop each Horizon console predefined role on the left to its matching function on the right.

正解：

解説：

Administrator: Performs all administrative functions and applies to an Access Group.
Inventory Administrator: Performs all desktop, session, and pool-related operation.
Local Administrator: No rights to manage Cloud Pod or the Global Data Layer.

質問 # 58
An administrator needs to enable Session Collaboration in the VMware Horizon environment. What will be used as a requirement to enable Session Collaboration?

A. PCoIP protocol
B. dedicated Instant Clone pool
C. floating Instant Clone pool
D. BLAST protocol

正解：D

解説：
Collaboration is a feature that allows users to invite other users to join an existing Windows or Linux remote desktop session with both screen sharing and audio out features enabled. A remote desktop session that is shared in this way is called a collaborative session. The user that shares a session with another user is called the session owner, and the user that joins a shared session is called a session collaborator. A Horizon administrator must enable the Session Collaboration feature for the desktop pool or farm that contains the remote desktops that support collaboration.
One of the requirements to enable Session Collaboration is to use the VMware Blast display protocol for the remote desktops. VMware Blast is a protocol that provides high-performance, high-quality graphics and multimedia delivery over LAN or WAN networks. VMware Blast supports Session Collaboration by allowing multiple users to view and interact with the same remote desktop session simultaneously. Other display protocols, such as PCoIP or RDP, do not support Session Collaboration and will not allow users to share or join collaborative sessions.
Therefore, to enable Session Collaboration in the VMware Horizon environment, the administrator needs to use the BLAST protocol as a requirement. References: Configuring Session Collaboration, Sharing Remote Desktop Sessions, and [VMware Horizon 8.x Professional Course]

質問 # 59
Refer to the exhibit.
An administrator needs to monitor the advanced metrics of desktop sessions in Horizon Console.
Mark where the administrator would navigate in the Horizon Console by clicking on it.

正解：

解説：

Explanation

To monitor the advanced metrics of desktop sessions in Horizon Console, you need to use the Horizon Help Desk Tool. This is a web application that you can use to get the status of Horizon 8 user sessions and to perform troubleshooting and maintenance operations1. You can also view performance details for a virtual or published desktop session that uses the PCoIP or VMware Blast display protocol2.
To access the Horizon Help Desk Tool, you need to click on the Monitoring tab on the left side of the Horizon Console. Then, you need to select Help Desk from the drop-down menu. This will open the Horizon Help Desk Tool in a new browser tab. You can then search for a user, machine, or pool and view the session details. You can also click on More to see the advanced metrics such as latency, bandwidth, protocol, and frame rate1.