Practice 1Y0-440 Exam Online

Question 1

A Citrix Architect has deployed Citrix Application Delivery Management to monitor a high availability pair of

Citrix ADC VPX devices.

The architect needs to deploy automated configuration backup to meet the following requirements:

The configuration backup file must be protected using a password.

The configuration backup must be performed each day at 8:00 AM GMT.

The configuration backup must also be performed if any changes are made in the ns.conf file.

Once the transfer is successful, auto-delete the configuration file from the NMAS.

Which SNMP trap will trigger the configuration file backup?

A : netScalerConfigSave

B : sysTotSaveConfigs

C : netScalerConfigChange

D : sysconfigSave

Answer: A

Question 2

Scenario: A Citrix Architect has set up Citrix ADC MPX devices in high availability mode with version

12.0.53.13 nc. These are placed behind a Cisco ASA 5505 firewall. The Cisco ASA firewall is configured to

block traffic using access control lists. The network address translation (NAT) is also performed on the

firewall.

The following requirements were captured by the architect during the discussion held as part of the Citrix

ADC security implementation project with the customers security team:

The Citrix ADC MPX device:

should monitor the rate of traffic either on a specific virtual entity or on the device It should be able to

mitigate the attacks from a hostile client sending a flood of requests. The Citrix ADC device should be

able to stop the HTTP TCP. and DNS based requests

needs to protect backend servers from overloading

needs to queue all the incoming requests on the virtual server level instead of the service level

should provide access to resources on the basis of priority

should provide protection against well-known Windows exploits virus-infected personal computers,

centrally managed automated botnets, compromised webservers, known spammers/hackers, and

phishing proxies

should provide flexibility to enforce the desired level of security check inspections for the requests

originating from a specific geolocation database.

should block the traffic based on a pre-determined header length. URL length and cookie length. The

device should ensure that characters such as a single straight quote ('): backslash (\); and semicolon (;)

are either blocked, transformed, or dropped while being sent to the backend server.

Which security feature should the architect configure to meet these requirements?

A : Configure Application Firewall with HTML cross-site scripting to block unwanted traffic

B : Configure pattern sets using regular expressions to block attacks

C : Configure Signatures manually and apply them to the Application Firewall profile

D : Configure signatures to auto-update and apply them to the Application Firewall profile

E : Configure IP address reputation and use IPREP and webroot to block the traffic

Answer: A

Question 3

Scenario: A Citrix Architect needs to assess a Citrix Gateway deployment that was recently completed by a customer and is currently in pre-production testing. The Citrix Gateway needs to use ICA proxy to provide access to a Citrix Virtual Apps and Citrix Virtual Desktops environment. During the assessment, the customer informs the architect that users are NOT able to launch published resources using the Gateway virtual server. Click the Exhibit button to view the troubleshooting details collected by the customer

What is the cause of this issue?

A : There are NO backend Virtual Delivery Agent machines available to host the selected published resource

B : The Secure Ticket Authority servers have NOT been configured in the Citrix Gateway settings

C : The required ports have NOT been opened on the external firewall

D : The StoreFront URL configured In the Citrix Gateway session profile is NOT correct.

Answer: B

Question 4

Scenario: A Citrix Architect has configured two MPX devices in high availability mode with version

12.0.53.13 nc. After a discussion with the security team, the architect enabled the Application Firewall feature

for additional protection.

In the initial deployment phase, the following security features were enabled:

IP address reputation

HTML SQL injection check

Start URL

HTML Cross-site scripting

Form-field consistency

After deployment in pre-production, the team identifies the following additional security features and changes

as further requirements:

Application Firewall should retain the response of form field in its memory When a client submits the

form in the next request. Application Firewall should check for inconsistency in the request before

sending it to the web server

All the requests dropped by Application Firewall should receive a pre-configured HTML error page

with appropriate information.

The Application Firewall profile should be able to handle the data from the RSS feed and an

ATOM-based site.

Click the Exhibit button to view an excerpt of the existing configuration

What should the architect do to meet these requirements?

A : Delete the existing profile and create a new profile of type: XML Application (SOAP)

B : Modify the existing profile to include sessionization

C : Create a new basic profile and use pre-existing HTML settings.

D : Modify existing profile settings, change HTML settings, and ensure to exclude uploaded files from security checks.

Answer: B

Question 5

Scenario: A Citrix Architect needs to assess an existing NetScaler gateway deployment. During the assessment, the architect collected key requirements for VPN users, as well as the current session profile settings that are applied to those users. Click the Exhibit button to view the information collected by the architect.

Which configuration should the architect change to meet all the stated requirements?

A : Item 5

B : Item 1

C : Item 2

D : Item 3

E : Item 4

Answer: A

Name:	Architecting a Citrix Networking Solution
Exam Code:	1Y0-440
Certification:	Citrix Certified Associate - Networking (CCA-N) (Level I)
Vendor:	Citrix
Total Questions:	154
Last Updated:	Apr 23, 2024

Citrix 1Y0-440