Citrix 1Y0-440 Exam Practice Test Instant Access

Question 1

Scenario: A Citrix Architect has deployed load balancing for SharePoint 2010 on a Citrix ADC instance. While editing the document, the architect observed the error displayed below:

Sorry, we couldn't open 'https://sharepointcs.emea.in/Shared Documents/Citrix Enhancement Request Form.doc'

After troubleshooting, the architect discovers the issue. When a user opens a document, it opens in the browser, but while editing the document, thd session is transferred from the browser to the Word application During this time, the cookies should be transferred from the browser to the Word application.

Which two configurations should the architect modify to ensure that the cookies are shared between the browser and non-browser applications? (Choose two.)

AEnable Persistent Cookie

BDisable Persistent Cookie

CSet HTTPOnly Cookie to NO

DSet the NSC_AAAC cookie with HTTPOnly Flag

ESet lb vserver -persistenceType COOKIEINSERT

FSet HTTPOnly Cookie to Yes

Answer : A, C

Question 2

Scenario: Based on a discussion between a Citrix Architect and team of Workspacelab has been created across three (3) sites.

They captured the following requirements during the design discussion held for NetScaler design projects:

All three (3) Workspacelab sites (DC, NDR, and DR) will have similar NetScaler configuration and design.

Both external and internal NetScaler MPX appliances will have Global Server Load balancing (GSLB) configured and deployed in Active/Passive mode.

GSLB should resolve both A and AAA DNS queries.

In the GSLB deployment, the NDR site will act as backup for the DC site. whereas the DR site will act as backup for the NDR site.

When the external NetScaler replies to DNS traffic coming in through Cisco Firepower IPS, the replies should be sent back through the same path.

On the internal NetScaler, both front-end VIP and back-end SNIP will be part of the same subnet.

USIP is configured on the DMZ NetScaler appliances.

The external NetScaler will act default gateway for back-end servers.

All three (3) sites (DC, NDR, and DR) will have two (2) links to the Internet from different service providers configured in Active/Standby mode.

Which design decision must the architect make to meet the design requirements above?

AInterface 0/1 must be used for DNS traffic.

BThe SNIP of the external NetScaler must be configured as default gateway on the back-end servers.

CADNS service must be used with IPv6 address.

DPolicy-Based Route with next hop as CISCO IPS must be configured on the external NetScaler.

Answer : B

https://support.citrix.com/article/CTX117346

Question 3

Scenario: A Citrix Architect needs to design a new multi-datacenter NetScaler deployment. The customer wants NetScaler to provide access to various backend resources by using Global Server Load Balancing (GSLB) in an Active-Active deployment.

Click the Exhibit button to view additional requirements identified by the architect.

Which GSLB algorithm or method should the architect use for the deployment, based on the stated requirements?

ADynamic round trip time (RTT)

BLeast response time

CStatic proximity

Dleast connection

ELeast packets

FSource IP hash

Answer : B

Question 4

Scenario: A Citrix Architect has deployed two MPX devices, 12.0.53.13 nc and MPX 11500 models, in a high availability (HA) pair for the Workspace labs team. The deployment method is two-arm. and the devices are installed behind a CISCO ASA 5585 firewall. The architect enables the following features on the Citrix ADC devices: Content Switching. SSL Offloading, Load Balancing, Citrix Gateway, Application Firewall in hybrid security, and Appflow. All are enabled to send monitoring information to Citrix Application Delivery Management 12.0.53.13 nc build. The architect is preparing to configure load balancing for Microsoft Exchange 2016 server.

The following requirements were discussed during the implementation:

All traffic needs to be segregated based on applications, and the fewest number of IP addresses should be utilized during the configuration.

All traffic should be secured, and any traffic coming into HTTP should be redirected to HTTPS.

Single Sign-on should be created for Microsoft Outlook web access (OWA).

Citrix ADC should recognize Uniform Resource Identifier (URI) and close the session to Citrix ADC, when users hit the Logoff button in Microsoft Outlook web access.

Users should be able to authenticate using user principal name (UPN).

The Layer 7 monitor should be configured to monitor the Microsoft Outlook web access servers, and the monitor probes must be sent on SSL.

Which Responder policy can be utilized to redirect the users from http://mail.citrix.com to https://mail.citrix.com/owa?

Aadd responder action Act redirect ''https://mail.citrix.com/owa/'' -responseStatusCode 302 add responder policy pol 'http.REQ.URL.PATH_AND_QUERY.EQ('/')' Act

Badd responder action Act redirect ''https://mail.citrix.com/owa/'' -responseStatusCode 307 add responder policy pol 'HTTP.REQ.IS_NOTVALID Act

Cadd responder action Act redirect ''http://mail.citrix.com/owa/'' -responseStatusCode 302 add responder policy pol 'HTTP.REQ.IS_NOTVALID Act

Dadd responder action Act redirect ''http://mail.citrix.com/owa/'' -responseStatusCode 302 add responder policy pol 'http.REQ.URL.PATH_AND_QUERY.EQ('/')' Act

Answer : A

Question 5

Scenario: A Citrix Architect is asked by management at the Workspacelab organization to review their existing configuration and make the necessary upgrades. The architect recommends small changes to the pre-existing Citrix ADC configuration. Currently, the Citrix ADC MPX devices are configured in a high availability pair, and the outbound traffic is load balanced between two Internet service providers (ISPs). However, the failover is NOT happening correctly. The following requirements were discussed during the design requirement phase:

* The return traffic for a specific flow should be routed through the same path while using Link Load Balancing.

* The link should fail over even if the ISP router is up and intermediary devices to an ISP router are down.

* Traffic going through one ISP router should fail over to the secondary ISP, and the traffic should NOT flow through both routers simultaneously. What should the architect configure to meet this requirement?

ATransparent monitor

BPing Monitor

CHTTP-ECV monitor wit' secure option enabled

DHTTP-ECV monitor without secure option enabled

Answer : A

Question 6

Scenario: A Citrix Architect has met with a team of Workspacelab members for a design discussion. They have captured the following requirements for NetScaler design project:

The authentication must be deployed for the users from the workspacelab.com and vendorlab.com domains.

The workspacelab users connecting from the internal (workspacelab) network should be authenticated using LDAP.

The workspacelab users connecting from the external network should be authenticated using LDAP and RADIUS.

The vendorlab users should be authenticated using Active Directory Federation Service.

The user credentials must NOT be shared between workspacelab and vendorlab.

Single Sign-on must be performed between StoreFront and NetScaler Gateway.

A domain drop down list must be provided if the used connects to the NetScaler gateway virtual server externally.

Which method must the architect utilize for user management between the two domains?

ACreate shadow accounts for the users of the Workspacelab domain in the Vendorlab domain.

BCreate a global catalog containing the objects of Vendorlab and Workspacelab domains.

CCreate shadow accounts for the Vendorlab domain in the Workspacelab domain.

DCreate a two-way trust between the Vendorlab and Workspacelab domains.

Answer : B

Question 7

Scenario: A Citrix Architect has configured two MPX devices in high availability mode with version 12.0.53.13 nc. After a discussion with the security teamf the architect enabled the Application Firewall feature for additional protection. In the initial deployment phase, the following security features were enabled:

* IP address reputation

* HTML SQL injection check

* Start URL

* HTML Cross-site scripting

* Form-Field consistency

After deployment in pre-production, the team identifies the following additional security features and changes as further requirements:

* Application Firewall should retain the response of form field in its memory. When a client submits the form in the next request Application Firewall should check for inconsistency in the request before sending it to the web server.

* All the requests dropped by Application Firewall should get a pre-configured HTML error page with appropriate information.

* The Application Firewall profile should be able to handle the data from an RSS feed and an ATOM-based site. Click the Exhibit button to view an excerpt of the existing configuration.

What should the architect do to meet these requirements?

AModify existing profile settings and disable the setting 'Enable Form Tagging'.

BCreate a new basic profile and use pre-existing HTML settings.

CModify existing profile settings, change HTML settings, and ensure to exclude uploaded files from security checks.

DModify existing profile settings and change HTML settings to use an HTML error object.

Answer : D

Citrix Architecting a Citrix Networking Solution 1Y0-440 Exam Practice Test