Download NetScaler.1Y0-340.PracticeTest.2019-01-26.64q.vcex

Vendor: Citrix
Exam Code: 1Y0-340
Exam Name: NetScaler
Date: Jan 26, 2019
File Size: 40 KB

How to open VCEX files?

Files with VCEX extension can be opened by ProfExam Simulator.

Demo Questions

Question 1
Scenario: A Citrix Engineer has deployed four NetScaler MPXs with the following network configuration:
  • Management traffic is on VLAN 5 (NSIP). 
  • Application and server traffic is on VLAN 10 (SNIP). 
The engineer added the NetScaler Management and Analytics System (NMAS) interface to VLAN 10 to deploy a NMAS High Availability (HA) pair to manage and monitor the applications and virtual servers. After doing so, the engineer is NOT able to see the NetScaler or applications that need to be managed. 
How can the engineer resolve the issue?
  1. Configure VLAN 5 as NSVLAN 5
  2. Move the NMAS interface to VLAN 5
  3. Configure VLAN 5 as NSSYNC VLAN
  4. Bind SNIP to VLAN 5
Correct answer: A
Question 2
A Citrix Engineer needs to configure NetScaler Management and Analytics System (NMAS) in their network to retain network reporting data, events, audit logs, and task logs for 20 days. 
Which settings can the engineer configure to meet the requirement?
  1. System Prune Settings
  2. System Backup Settings
  3. Instance Backup Settings
  4. Syslog Prune Settings
Correct answer: A
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler-mas/12/getting-started-with-mas.html
Reference: https://docs.citrix.com/en-us/netscaler-mas/12/getting-started-with-mas.html
Question 3
A Citrix Engineer needs to ensure that all traffic to the virtual server is blocked if NONE of the bound Application Firewall policies are matched. 
Which setting can the engineer configure to meet this requirement?
  1. set appfw settings –undefAction APPFW_BLOCK
  2. set ns httpProfile nshttp_default_profile-dropInvalReqs DISABLED
  3. set ns httpProfie nshttp_default_profile –dropInvalReqs ENABLED
  4. set appfw settings –defaultProfile APPFW_BLOCK
Correct answer: D
Question 4
Scenario: A Citrix Engineer needs to configure the Application Firewall to do a credit card check using the command-line interface (CLI) and configure the profile to obscure the credit card number.
Which parameter will the engineer add in the CLI to encrypt the credit card numbers in the logs?
  1. –creditCardAction BLOCK
  2. -creditCardMaxAllowed
  3. –creditCardXOut ON
  4. –doSecureCreditCardLogging ON
Correct answer: D
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler/11-1/application-firewall/logs.html
Reference: https://docs.citrix.com/en-us/netscaler/11-1/application-firewall/logs.html
Question 5
Scenario: A Citrix Engineer must enable a cookie consistency security check and ensure that all the session cookies get encrypted during the transaction. The engineer needs to ensure that none of the persistent coolies are encrypted and decrypted and decrypt any encrypted cookies during the transaction.
Which cookie consistency security feature will the engineer configure in the following configuration to achieve the desired results? 
add appfw profile Test123 –startURLAction none- denyURLAction none- cookieConsistencyAction log –cookieTransforms ON –cookieEncryption ecryptSessionOnly –addCookieFlags httpOnly –crossSiteScriptingAction none- SQLInjectionAction log stats –SQLInjectionTransfrormSpecialChars ON- SQLInjectionCheckSQLWildChars ON –fieldFormatAction none –bufferOverflowAction none –responseContentType “application/octet-stream”- XMLSQLInjectionAction none –XMLXSSAction none-XMLWSIAction none- XMLValidationAction none
  1. Configure Encrypt Server cookies to “Encrypt All”
  2. Configure Encrypt Server cookies to “None”
  3. Configure Encrypt Server cookies to “Encrypt Session Only”
  4. Configure Encrypt Server cookies to “Encrypt only”
Correct answer: B
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler/12/application-firewall/top-level-protections/cookie-consistency-check.html
Reference: https://docs.citrix.com/en-us/netscaler/12/application-firewall/top-level-protections/cookie-consistency-check.html
Question 6
A Citrix Engineer needs to write a regular expression to treat the URL www.citrix.com as a literal string. 
Which regular expression can the engineer use?
  1. www$.citrix$.com
  2. [www\]. [citrix\]. [com\]
  3. www+.citrix+.com
  4. www\.citrix\.com
Correct answer: B
Question 7
What can a Citrix Engineer do to decrease browser load times by increasing the number of parallel connections to the resource?
  1. Configure Domain Sharding.
  2. Add more web servers.
  3. Block JavaScript on client browsers.
  4. Do NOT allow HTML websites.
Correct answer: A
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler/10-5/ns-optimization-wrapper-10-con/ns-feo-con.html
Reference: https://docs.citrix.com/en-us/netscaler/10-5/ns-optimization-wrapper-10-con/ns-feo-con.html
Question 8
Scenario: A Citrix Engineer observes that when going through NetScaler, user connections fail and users are unable to access Exchange server. However, users can connect directly to the Exchange server. After checking the logs, the engineer finds that the POST request is blocked through the NetScaler.
The log in/ var/log/ns.log is as follows:
Jul 20 11:00: 38 <local0.info>x.x.x. 1 07/20/2017:11:00:38 GMT ns 0-PPE-0:APPFW AF_400_RESP 29362 0: x.x.x.1 439800-PPEO- urlwdummy
https://test.abc.com/rpc/rpcproxy.dll?mail.sfmta.com:6004 Bad request headers. Content-length exceeds post body limit <blocked>
Which parameter can the engineer modify to resolve the issue while maintaining security?
  1. Increase the Maximum Header Length under nshttp_default_profile.
  2. Increase the POST body limit using the HTTP profile.
  3. Add an Application Firewall policy with the expression “HTTP.REQ.METHOD.EQ(\ “POST”\)” with APPFW_BYPASS profile bound.
  4. Increase the POST body limit under common settings in Application Firewall profile settings.
Correct answer: D
Question 9
Which two threats can be prevented by using IP Reputation? (Choose two.)
  1. Trojan horses
  2. Phishing Proxies
  3. Worm
  4. Compromised IPv6 web-server
  5. Compromised IPv4 web-server
Correct answer: BE
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler/11/security/reputation/ip-reputation.html
Reference: https://docs.citrix.com/en-us/netscaler/11/security/reputation/ip-reputation.html
Question 10
Which aspect of NetScaler Management and Analytics System (NMAS) can be used to monitor end-to-end ICA traffic flowing through a NetScaler ADC?
  1. Gateway Insight
  2. HDX Insight
  3. Security Insight
  4. Web Insight
Correct answer: B
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler-mas/12/analytics/HDX-Insight.html
Reference: https://docs.citrix.com/en-us/netscaler-mas/12/analytics/HDX-Insight.html
Question 11
Scenario: A Citrix Engineer has deployed four NetScaler MPXs with the following network configuration:
  • Management traffic is on VLAN 5 (NSIP). 
  • Application and server traffic is on VLAN 10 (SNIP). 
The engineer added the NetScaler Management and Analytics System (NMAS) interface to VLAN 10 to deploy a NMAS High Availability (HA) pair to manage and monitor the applications and virtual servers. After doing so, the engineer is NOT able to see the NetScaler or applications that need to be managed. 
How can the engineer resolve the issue?
  1. Configure VLAN 5 as NSVLAN 5
  2. Move the NMAS interface to VLAN 5
  3. Configure VLAN 5 as NSSYNC VLAN
  4. Bind SNIP to VLAN 5
Correct answer: A
Question 12
A Citrix Engineer needs to configure NetScaler Management and Analytics System (NMAS) in their network to retain network reporting data, events, audit logs, and task logs for 20 days. 
Which settings can the engineer configure to meet the requirement?
  1. System Prune Settings
  2. System Backup Settings
  3. Instance Backup Settings
  4. Syslog Prune Settings
Correct answer: A
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler-mas/12/getting-started-with-mas.html
Reference: https://docs.citrix.com/en-us/netscaler-mas/12/getting-started-with-mas.html
Question 13
A Citrix Engineer needs to ensure that all traffic to the virtual server is blocked if NONE of the bound Application Firewall policies are matched. 
Which setting can the engineer configure to meet this requirement?
  1. set appfw settings –undefAction APPFW_BLOCK
  2. set ns httpProfile nshttp_default_profile-dropInvalReqs DISABLED
  3. set ns httpProfie nshttp_default_profile –dropInvalReqs ENABLED
  4. set appfw settings –defaultProfile APPFW_BLOCK
Correct answer: D
Question 14
Scenario: A Citrix Engineer needs to configure the Application Firewall to do a credit card check using the command-line interface (CLI) and configure the profile to obscure the credit card number.
Which parameter will the engineer add in the CLI to encrypt the credit card numbers in the logs?
  1. –creditCardAction BLOCK
  2. -creditCardMaxAllowed
  3. –creditCardXOut ON
  4. –doSecureCreditCardLogging ON
Correct answer: D
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler/11-1/application-firewall/logs.html
Reference: https://docs.citrix.com/en-us/netscaler/11-1/application-firewall/logs.html
Question 15
Scenario: A Citrix Engineer must enable a cookie consistency security check and ensure that all the session cookies get encrypted during the transaction. The engineer needs to ensure that none of the persistent coolies are encrypted and decrypted and decrypt any encrypted cookies during the transaction.
Which cookie consistency security feature will the engineer configure in the following configuration to achieve the desired results? 
add appfw profile Test123 –startURLAction none- denyURLAction none- cookieConsistencyAction log –cookieTransforms ON –cookieEncryption ecryptSessionOnly –addCookieFlags httpOnly –crossSiteScriptingAction none- SQLInjectionAction log stats –SQLInjectionTransfrormSpecialChars ON- SQLInjectionCheckSQLWildChars ON –fieldFormatAction none –bufferOverflowAction none –responseContentType “application/octet-stream”- XMLSQLInjectionAction none –XMLXSSAction none-XMLWSIAction none- XMLValidationAction none
  1. Configure Encrypt Server cookies to “Encrypt All”
  2. Configure Encrypt Server cookies to “None”
  3. Configure Encrypt Server cookies to “Encrypt Session Only”
  4. Configure Encrypt Server cookies to “Encrypt only”
Correct answer: B
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler/12/application-firewall/top-level-protections/cookie-consistency-check.html
Reference: https://docs.citrix.com/en-us/netscaler/12/application-firewall/top-level-protections/cookie-consistency-check.html
Question 16
A Citrix Engineer needs to write a regular expression to treat the URL www.citrix.com as a literal string. 
Which regular expression can the engineer use?
  1. www$.citrix$.com
  2. [www\]. [citrix\]. [com\]
  3. www+.citrix+.com
  4. www\.citrix\.com
Correct answer: B
Question 17
What can a Citrix Engineer do to decrease browser load times by increasing the number of parallel connections to the resource?
  1. Configure Domain Sharding.
  2. Add more web servers.
  3. Block JavaScript on client browsers.
  4. Do NOT allow HTML websites.
Correct answer: A
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler/10-5/ns-optimization-wrapper-10-con/ns-feo-con.html
Reference: https://docs.citrix.com/en-us/netscaler/10-5/ns-optimization-wrapper-10-con/ns-feo-con.html
Question 18
Scenario: A Citrix Engineer observes that when going through NetScaler, user connections fail and users are unable to access Exchange server. However, users can connect directly to the Exchange server. After checking the logs, the engineer finds that the POST request is blocked through the NetScaler.
The log in/ var/log/ns.log is as follows:
Jul 20 11:00: 38 <local0.info>x.x.x. 1 07/20/2017:11:00:38 GMT ns 0-PPE-0:APPFW AF_400_RESP 29362 0: x.x.x.1 439800-PPEO- urlwdummy
https://test.abc.com/rpc/rpcproxy.dll?mail.sfmta.com:6004 Bad request headers. Content-length exceeds post body limit <blocked>
Which parameter can the engineer modify to resolve the issue while maintaining security?
  1. Increase the Maximum Header Length under nshttp_default_profile.
  2. Increase the POST body limit using the HTTP profile.
  3. Add an Application Firewall policy with the expression “HTTP.REQ.METHOD.EQ(\ “POST”\)” with APPFW_BYPASS profile bound.
  4. Increase the POST body limit under common settings in Application Firewall profile settings.
Correct answer: D
Question 19
Which two threats can be prevented by using IP Reputation? (Choose two.)
  1. Trojan horses
  2. Phishing Proxies
  3. Worm
  4. Compromised IPv6 web-server
  5. Compromised IPv4 web-server
Correct answer: BE
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler/11/security/reputation/ip-reputation.html
Reference: https://docs.citrix.com/en-us/netscaler/11/security/reputation/ip-reputation.html
Question 20
Which aspect of NetScaler Management and Analytics System (NMAS) can be used to monitor end-to-end ICA traffic flowing through a NetScaler ADC?
  1. Gateway Insight
  2. HDX Insight
  3. Security Insight
  4. Web Insight
Correct answer: B
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler-mas/12/analytics/HDX-Insight.html
Reference: https://docs.citrix.com/en-us/netscaler-mas/12/analytics/HDX-Insight.html
Question 21
Scenario: A Citrix Engineer has deployed four NetScaler MPXs with the following network configuration:
  • Management traffic is on VLAN 5 (NSIP). 
  • Application and server traffic is on VLAN 10 (SNIP). 
The engineer added the NetScaler Management and Analytics System (NMAS) interface to VLAN 10 to deploy a NMAS High Availability (HA) pair to manage and monitor the applications and virtual servers. After doing so, the engineer is NOT able to see the NetScaler or applications that need to be managed. 
How can the engineer resolve the issue?
  1. Configure VLAN 5 as NSVLAN 5
  2. Move the NMAS interface to VLAN 5
  3. Configure VLAN 5 as NSSYNC VLAN
  4. Bind SNIP to VLAN 5
Correct answer: A
Question 22
A Citrix Engineer needs to configure NetScaler Management and Analytics System (NMAS) in their network to retain network reporting data, events, audit logs, and task logs for 20 days. 
Which settings can the engineer configure to meet the requirement?
  1. System Prune Settings
  2. System Backup Settings
  3. Instance Backup Settings
  4. Syslog Prune Settings
Correct answer: A
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler-mas/12/getting-started-with-mas.html
Reference: https://docs.citrix.com/en-us/netscaler-mas/12/getting-started-with-mas.html
Question 23
A Citrix Engineer needs to ensure that all traffic to the virtual server is blocked if NONE of the bound Application Firewall policies are matched. 
Which setting can the engineer configure to meet this requirement?
  1. set appfw settings –undefAction APPFW_BLOCK
  2. set ns httpProfile nshttp_default_profile-dropInvalReqs DISABLED
  3. set ns httpProfie nshttp_default_profile –dropInvalReqs ENABLED
  4. set appfw settings –defaultProfile APPFW_BLOCK
Correct answer: D
Question 24
Scenario: A Citrix Engineer needs to configure the Application Firewall to do a credit card check using the command-line interface (CLI) and configure the profile to obscure the credit card number.
Which parameter will the engineer add in the CLI to encrypt the credit card numbers in the logs?
  1. –creditCardAction BLOCK
  2. -creditCardMaxAllowed
  3. –creditCardXOut ON
  4. –doSecureCreditCardLogging ON
Correct answer: D
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler/11-1/application-firewall/logs.html
Reference: https://docs.citrix.com/en-us/netscaler/11-1/application-firewall/logs.html
Question 25
Scenario: A Citrix Engineer must enable a cookie consistency security check and ensure that all the session cookies get encrypted during the transaction. The engineer needs to ensure that none of the persistent coolies are encrypted and decrypted and decrypt any encrypted cookies during the transaction.
Which cookie consistency security feature will the engineer configure in the following configuration to achieve the desired results? 
add appfw profile Test123 –startURLAction none- denyURLAction none- cookieConsistencyAction log –cookieTransforms ON –cookieEncryption ecryptSessionOnly –addCookieFlags httpOnly –crossSiteScriptingAction none- SQLInjectionAction log stats –SQLInjectionTransfrormSpecialChars ON- SQLInjectionCheckSQLWildChars ON –fieldFormatAction none –bufferOverflowAction none –responseContentType “application/octet-stream”- XMLSQLInjectionAction none –XMLXSSAction none-XMLWSIAction none- XMLValidationAction none
  1. Configure Encrypt Server cookies to “Encrypt All”
  2. Configure Encrypt Server cookies to “None”
  3. Configure Encrypt Server cookies to “Encrypt Session Only”
  4. Configure Encrypt Server cookies to “Encrypt only”
Correct answer: B
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler/12/application-firewall/top-level-protections/cookie-consistency-check.html
Reference: https://docs.citrix.com/en-us/netscaler/12/application-firewall/top-level-protections/cookie-consistency-check.html
Question 26
A Citrix Engineer needs to write a regular expression to treat the URL www.citrix.com as a literal string. 
Which regular expression can the engineer use?
  1. www$.citrix$.com
  2. [www\]. [citrix\]. [com\]
  3. www+.citrix+.com
  4. www\.citrix\.com
Correct answer: B
Question 27
What can a Citrix Engineer do to decrease browser load times by increasing the number of parallel connections to the resource?
  1. Configure Domain Sharding.
  2. Add more web servers.
  3. Block JavaScript on client browsers.
  4. Do NOT allow HTML websites.
Correct answer: A
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler/10-5/ns-optimization-wrapper-10-con/ns-feo-con.html
Reference: https://docs.citrix.com/en-us/netscaler/10-5/ns-optimization-wrapper-10-con/ns-feo-con.html
Question 28
Scenario: A Citrix Engineer observes that when going through NetScaler, user connections fail and users are unable to access Exchange server. However, users can connect directly to the Exchange server. After checking the logs, the engineer finds that the POST request is blocked through the NetScaler.
The log in/ var/log/ns.log is as follows:
Jul 20 11:00: 38 <local0.info>x.x.x. 1 07/20/2017:11:00:38 GMT ns 0-PPE-0:APPFW AF_400_RESP 29362 0: x.x.x.1 439800-PPEO- urlwdummy
https://test.abc.com/rpc/rpcproxy.dll?mail.sfmta.com:6004 Bad request headers. Content-length exceeds post body limit <blocked>
Which parameter can the engineer modify to resolve the issue while maintaining security?
  1. Increase the Maximum Header Length under nshttp_default_profile.
  2. Increase the POST body limit using the HTTP profile.
  3. Add an Application Firewall policy with the expression “HTTP.REQ.METHOD.EQ(\ “POST”\)” with APPFW_BYPASS profile bound.
  4. Increase the POST body limit under common settings in Application Firewall profile settings.
Correct answer: D
Question 29
Which two threats can be prevented by using IP Reputation? (Choose two.)
  1. Trojan horses
  2. Phishing Proxies
  3. Worm
  4. Compromised IPv6 web-server
  5. Compromised IPv4 web-server
Correct answer: BE
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler/11/security/reputation/ip-reputation.html
Reference: https://docs.citrix.com/en-us/netscaler/11/security/reputation/ip-reputation.html
Question 30
Which aspect of NetScaler Management and Analytics System (NMAS) can be used to monitor end-to-end ICA traffic flowing through a NetScaler ADC?
  1. Gateway Insight
  2. HDX Insight
  3. Security Insight
  4. Web Insight
Correct answer: B
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler-mas/12/analytics/HDX-Insight.html
Reference: https://docs.citrix.com/en-us/netscaler-mas/12/analytics/HDX-Insight.html
Question 31
Scenario: A Citrix Engineer has deployed four NetScaler MPXs with the following network configuration:
  • Management traffic is on VLAN 5 (NSIP). 
  • Application and server traffic is on VLAN 10 (SNIP). 
The engineer added the NetScaler Management and Analytics System (NMAS) interface to VLAN 10 to deploy a NMAS High Availability (HA) pair to manage and monitor the applications and virtual servers. After doing so, the engineer is NOT able to see the NetScaler or applications that need to be managed. 
How can the engineer resolve the issue?
  1. Configure VLAN 5 as NSVLAN 5
  2. Move the NMAS interface to VLAN 5
  3. Configure VLAN 5 as NSSYNC VLAN
  4. Bind SNIP to VLAN 5
Correct answer: A
Question 32
A Citrix Engineer needs to configure NetScaler Management and Analytics System (NMAS) in their network to retain network reporting data, events, audit logs, and task logs for 20 days. 
Which settings can the engineer configure to meet the requirement?
  1. System Prune Settings
  2. System Backup Settings
  3. Instance Backup Settings
  4. Syslog Prune Settings
Correct answer: A
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler-mas/12/getting-started-with-mas.html
Reference: https://docs.citrix.com/en-us/netscaler-mas/12/getting-started-with-mas.html
Question 33
A Citrix Engineer needs to ensure that all traffic to the virtual server is blocked if NONE of the bound Application Firewall policies are matched. 
Which setting can the engineer configure to meet this requirement?
  1. set appfw settings –undefAction APPFW_BLOCK
  2. set ns httpProfile nshttp_default_profile-dropInvalReqs DISABLED
  3. set ns httpProfie nshttp_default_profile –dropInvalReqs ENABLED
  4. set appfw settings –defaultProfile APPFW_BLOCK
Correct answer: D
Question 34
Scenario: A Citrix Engineer needs to configure the Application Firewall to do a credit card check using the command-line interface (CLI) and configure the profile to obscure the credit card number.
Which parameter will the engineer add in the CLI to encrypt the credit card numbers in the logs?
  1. –creditCardAction BLOCK
  2. -creditCardMaxAllowed
  3. –creditCardXOut ON
  4. –doSecureCreditCardLogging ON
Correct answer: D
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler/11-1/application-firewall/logs.html
Reference: https://docs.citrix.com/en-us/netscaler/11-1/application-firewall/logs.html
Question 35
Scenario: A Citrix Engineer must enable a cookie consistency security check and ensure that all the session cookies get encrypted during the transaction. The engineer needs to ensure that none of the persistent coolies are encrypted and decrypted and decrypt any encrypted cookies during the transaction.
Which cookie consistency security feature will the engineer configure in the following configuration to achieve the desired results? 
add appfw profile Test123 –startURLAction none- denyURLAction none- cookieConsistencyAction log –cookieTransforms ON –cookieEncryption ecryptSessionOnly –addCookieFlags httpOnly –crossSiteScriptingAction none- SQLInjectionAction log stats –SQLInjectionTransfrormSpecialChars ON- SQLInjectionCheckSQLWildChars ON –fieldFormatAction none –bufferOverflowAction none –responseContentType “application/octet-stream”- XMLSQLInjectionAction none –XMLXSSAction none-XMLWSIAction none- XMLValidationAction none
  1. Configure Encrypt Server cookies to “Encrypt All”
  2. Configure Encrypt Server cookies to “None”
  3. Configure Encrypt Server cookies to “Encrypt Session Only”
  4. Configure Encrypt Server cookies to “Encrypt only”
Correct answer: B
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler/12/application-firewall/top-level-protections/cookie-consistency-check.html
Reference: https://docs.citrix.com/en-us/netscaler/12/application-firewall/top-level-protections/cookie-consistency-check.html
Question 36
A Citrix Engineer needs to write a regular expression to treat the URL www.citrix.com as a literal string. 
Which regular expression can the engineer use?
  1. www$.citrix$.com
  2. [www\]. [citrix\]. [com\]
  3. www+.citrix+.com
  4. www\.citrix\.com
Correct answer: B
Question 37
What can a Citrix Engineer do to decrease browser load times by increasing the number of parallel connections to the resource?
  1. Configure Domain Sharding.
  2. Add more web servers.
  3. Block JavaScript on client browsers.
  4. Do NOT allow HTML websites.
Correct answer: A
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler/10-5/ns-optimization-wrapper-10-con/ns-feo-con.html
Reference: https://docs.citrix.com/en-us/netscaler/10-5/ns-optimization-wrapper-10-con/ns-feo-con.html
Question 38
Scenario: A Citrix Engineer observes that when going through NetScaler, user connections fail and users are unable to access Exchange server. However, users can connect directly to the Exchange server. After checking the logs, the engineer finds that the POST request is blocked through the NetScaler.
The log in/ var/log/ns.log is as follows:
Jul 20 11:00: 38 <local0.info>x.x.x. 1 07/20/2017:11:00:38 GMT ns 0-PPE-0:APPFW AF_400_RESP 29362 0: x.x.x.1 439800-PPEO- urlwdummy
https://test.abc.com/rpc/rpcproxy.dll?mail.sfmta.com:6004 Bad request headers. Content-length exceeds post body limit <blocked>
Which parameter can the engineer modify to resolve the issue while maintaining security?
  1. Increase the Maximum Header Length under nshttp_default_profile.
  2. Increase the POST body limit using the HTTP profile.
  3. Add an Application Firewall policy with the expression “HTTP.REQ.METHOD.EQ(\ “POST”\)” with APPFW_BYPASS profile bound.
  4. Increase the POST body limit under common settings in Application Firewall profile settings.
Correct answer: D
Question 39
Which two threats can be prevented by using IP Reputation? (Choose two.)
  1. Trojan horses
  2. Phishing Proxies
  3. Worm
  4. Compromised IPv6 web-server
  5. Compromised IPv4 web-server
Correct answer: BE
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler/11/security/reputation/ip-reputation.html
Reference: https://docs.citrix.com/en-us/netscaler/11/security/reputation/ip-reputation.html
Question 40
Which aspect of NetScaler Management and Analytics System (NMAS) can be used to monitor end-to-end ICA traffic flowing through a NetScaler ADC?
  1. Gateway Insight
  2. HDX Insight
  3. Security Insight
  4. Web Insight
Correct answer: B
Explanation:
Reference: https://docs.citrix.com/en-us/netscaler-mas/12/analytics/HDX-Insight.html
Reference: https://docs.citrix.com/en-us/netscaler-mas/12/analytics/HDX-Insight.html
HOW TO OPEN VCE FILES

Use VCE Exam Simulator to open VCE files
Avanaset

HOW TO OPEN VCEX AND EXAM FILES

Use ProfExam Simulator to open VCEX and EXAM files
ProfExam Screen

ProfExam
ProfExam at a 20% markdown

You have the opportunity to purchase ProfExam at a 20% reduced price

Get Now!