Citrix 1Y0-440 Architecting a Citrix Networking Solution Exam Practice Test

Page: 1 / 14
Total 152 questions
Question 1

Scenario: A Citrix Architect needs to design a new solution within Amazon Web Services (AWS) The architect would like to create a high availability Citrix ADC VPX pair to provide load balancing for applications hosted in the AWS deployment within a single availability zone which will receive traffic arriving from the Internet.

Which configuration should the architect choose to accomplish this?



Answer : C


Question 2

Scenario: A Citrix Architect needs to deploy Single Sign-on form-based authentication through Citrix ADC for Outlook Web Access (OWA) 2013 for the users of the domain workspacelab com The Single Sign-on (SSO) must be performed based on sAMAccountName.

Which SSO action can the architect use to meet this requirement?



Answer : D

add tm formSSOAction OWA_Form_SSO_SSOPro -actionURL '/owa/auth.owa' -userField username -passwdField password -ssoSuccessRule 'http.RES.SET_COOKIE.COOKIE(\'cadata\').VALUE(\'cadata\').LENGTH.GT(70' -responsesize 15000 -submitMethod POST


Question 3

Scenario: A Citrix Architect needs to configure a Content Switching virtual server to provide access to www.workspacelab.com. However, the architect observes that whenever the user tries to access www.worksapcelab.com/CITRIX/WEB, the user receives a "503 - Service Unavailable" response. The configuration snippet is as follows:

What should the architect modify to resolve this issue?



Answer : D


Question 4

Which three session settings are valid once a Citrix Architect has configured session settings to customize user sessions? (Choose three.)



Answer : B, D, E

Verified Answer: A, E, F

Short But Comprehensive Explanation: The three session settings that are valid once a Citrix Architect has configured session settings to customize user sessions are:

Single Sign-on Domain: This setting specifies the domain name that is used for single sign-on authentication. This setting is required if the user account is in a different domain than the server running the published application1.

Single Sign-on to Web Applications: This setting enables or disables single sign-on to web applications that use basic, digest, or NTLM authentication. This setting requires the Citrix Secure Access client to be installed on the user device2.

Session Idle Time: This setting specifies the maximum time in minutes that a user session can remain idle before NetScaler Gateway disconnects the session. This setting helps to conserve server resources and prevent unauthorized access to inactive sessions3.

The other session settings are not valid for customizing user sessions. They are:

Credential Index: This setting specifies the index of the authentication server that is used to obtain the user credentials for single sign-on. This setting is not applicable for session policies, but only for authentication policies4.

KCD Profile: This setting specifies the name of the Kerberos constrained delegation profile that is used to delegate user credentials to back-end servers. This setting is not applicable for session policies, but only for traffic policies5.

Default Authentication Group: This setting specifies the name of the default group that is used to authorize users who do not belong to any group on the authentication server. This setting is not applicable for session policies, but only for authorization policies6.


Configure NetScaler Gateway session policies for StoreFront

Configuring Single Sign-on to Web Applications

Manage user sessions

[Configuring Credential Index]

[Configuring Kerberos Constrained Delegation]

[Configuring Default Authorization Groups]

Question 5

Scenario: A Citrix Architect has met with a team of Workspacelab members for a design discussion. They have captured the following requirements for the Citrix ADC design project:

Multi-factor authentication must be configured for the Citrix Gateway virtual server.

The Citrix Gateway virtual server is integrated with the Citrix Virtual Apps and Desktops environment.

Load balancing must be configured for the StoreFront server.

Authentication must be deployed for the users from the workspacelab.com and vendorlab.com domains.

The logon page must have the workspacelab logo on it.

Certificate verification must be performed to identify and extract the username.

The client certificate must have UserPrincipalName as a subject.

All the managed workstations for the workspacelab users must have the client identification certificate installed on them.

The workspacelab users connecting from the internal network should be authenticated using LDAP.

The workspacelab users connecting from the external network should be authenticated using LDAP and RADIUS.

The vendorlab users should be authenticated using Active Directory Federation Service.

The user credentials must NOT be shared between workspacelab and vendorlab.

Single Sign-on must be performed between StoreFront and Citrix Gateway.

A domain drop down list must be provided if the user connects to the Citrix Gateway virtual server externally.

The domain of the user connecting externally must be identified using the domain selected from the domain drop down list.

Which authentication policy must the architect execute first to meet the design requirements?



Answer : C


Question 6

Scenario: The Workspacelab team has implemented Citrix ADC high availability pair and Citrix ADC Management and Analytics System (Citrix Application Delivery Management). The Citrix Application Delivery Management was configured by a Citrix Architect to monitor and manage these devices. The Workspacelab team wants to load balance their Microsoft SharePoint servers on the Citrix ADC and needs the process to be streamlined and administered using Citrix Application Delivery Management.

The following requirements were discussed during the meeting:

The Microsoft SharePoint server should be optimized, load balanced, and secured in the network and should be deployed using Citrix Application Delivery Management.

All the configurations should be yenned before getting pushed to the Citrix Application Delivery Management.

Which feature should the architect use to configure the Microsoft SharePoint server using Citrix Application Delivery Management?



Answer : A


Question 7

Scenario: A Citrix Architect has deployed two MPX devices. 12.0.53.13 nc and MPX 11500 models, in a high availability (HA) pair for the Workspace labs team. The deployment method is two-arm and the devices are installed behind a CISCO ASA 5585 Firewall. The architect enabled the following features on the Citrix ADC devices. Content Switching. SSL Offloading, Load Balancing, Citrix Gateway. Application Firewall in hybrid security and Appflow. All are enabled to send monitoring information to Citrix Application Delivery Management 12.0.53.13 nc build. The architect is preparing to configure load balancing for Microsoft Exchange 2016 server.

The following requirements were discussed during the implementation:

All traffic needs to be segregated based on applications, and the fewest number of IP addresses should be utilized during the configuration.

All traffic should be secured and any traffic coming Into FITTP should be redirected to HTTPS.

Single Sign-on should be created for Microsoft Outlook web access (OWA).

Citrix ADC should recognize Uniform Resource Identifier (URI) and close the session to Citrix ADC when users hit the Logoff button In Microsoft Outlook web access.

Users should be able to authenticate using either user principal name (UPN) or sAMAccountName.

The Layer 7 monitor should be configured to monitor the Microsoft Outlook web access servers and the monitor probes must be sent on SSL.

Which monitor will meet these requirements?



Answer : A


Page:    1 / 14   
Total 152 questions