100% Passing Guarantee - Brilliant 1Y0-341 Exam Questions PDF [Mar-2022]
1Y0-341 Dumps 2022 - NewCitrix 1Y0-341 Exam Questions
Understanding fundamental and technical aspects of Citrix ADC Advanced Concepts - Security, Management and Optimization
The following will be discussed in CITRIX 1Yo-204 exam dumps:
- Delegation of administrative rights
- OUs
- Active Directory Domain Services
- Active Directory Certificate Services
NEW QUESTION 33
Scenario: A Citrix Engineer created the policies in the attached exhibit.
Click the Exhibit button to view the list of policies.
HTTP Request:
GET /resetpassword.htm HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:64.0) Gecko/20100101 Firefox/64.0 Host: www.citrix.com Accept-Language: en-us Accept-Encoding: gzip, deflate Connection: Keep-Alive Which profile will be applied to the above HTTP request?
- A. Profile_A
- B. Profile_C
- C. Profile_D
- D. Profile_B
Answer: D
NEW QUESTION 34
Scenario: A Citrix Engineer notices that a web page takes a long time to display. Upon further investigation, the engineer determines that the requested page is referencing 48 other elements for download.
Which Front End Optimization technique can the engineer enable on the Citrix ADC to improve time-to-display?
- A. Remove comments from HTML
- B. Move to Head Tag
- C. Domain Sharding
- D. Shrink to Attributes
Answer: D
NEW QUESTION 35
Which action ensures that content is retrieved from the server of origin?
- A. MAY_CACHE
- B. CACHE
- C. NOCACHE
- D. MAY_NOCACHE
Answer: C
NEW QUESTION 36
Which feature of Learning should a Citrix Engineer configure to direct Citrix Web App Firewall to learn from specific sessions?
- A. Manage Content Types for Safe Commerce
- B. Trusted Learning Clients list
- C. Default policy expression filter
- D. Advanced policy expression filter
Answer: B
Explanation:
Explanation/Reference: https://docs.citrix.com/en-us/citrix-adc/current-release/application-firewall/profiles/learning.html
NEW QUESTION 37
Scenario : A Citrix Engineer needs to forward the Citrix Web App Firewall log entries to a central management service. This central management service uses an open log file standard. Which log file format should the engineer use in the Citrix Web App Firewall engine settings to designate the open log file standard?
- A. W3C
- B. CEF
- C. TLA
- D. IIS
Answer: B
NEW QUESTION 38
Scenario: A Citrix Engineer wants to use Citrix Application Delivery Management (ADM) to monitor a single Citrix ADC VPX with eight web applications and one Citrix Gateway. It is important that the collected data be protected.
Which deployment will satisfy the requirements?
- A. A pair of Citrix ADM virtual appliances configured for High Availability.
- B. A single Citrix ADM with database replication to a secondary storage repository.
- C. A pair of Citrix ADM virtual appliances, each working independently.
- D. A single Citrix ADM imported onto the same hypervisor as the Citrix ADC VPX.
Answer: B
NEW QUESTION 39
Scenario: A Citrix Engineer reviewed the log files of a web application and found the error message below: "Unable to complete request Unrecognized field cext2_price>" Which protection can the engineer implement to prevent this error from happening?
- A. Cross-Site Request Forgeries (CSRF)
- B. HTML SQL Injection
- C. HTML Cross-Site Scripting (XSS)
- D. Form Field Consistency
Answer: D
NEW QUESTION 40
Scenario: A Citrix Engineer has configured the Signature file with new patterns and log strings and uploaded the file to Application Firewall. However, after the upload, the Signature rules are NOT implemented.
What can the engineer modify to implement Signature rules?
- A. The Signature update URL should have an older version than the one on Application Firewall.
- B. The new Signature file should have new ID and version number.
- C. The Signature upgrade will take effect only after a restart.
- D. TheNetScaler version should be upgraded before upgrading the signatures.
Answer: C
NEW QUESTION 41
Which report can a Citrix Engineer review to ensure that the Citrix ADC meets all PCI-DSS requirements.
- A. PCI-DSS Standards
- B. Generate Application Firewall Configuration
- C. Generate PCI-DSS
- D. Application Firewall Violations Summary
Answer: C
NEW QUESTION 42
A Citrix Engineer is considered that malicious users could exploit a web system by sending a large cookie. Which security check can the engineer implement to address this concern?
- A. Buffer Overflow
- B. Field Formats
- C. Start URL
- D. Content-type
Answer: A
NEW QUESTION 43
Which feature of Learning should a Citrix Engineer configure to direct Citrix Web App Firewall to learn from specific sessions?
- A. Manage Content Types for Safe Commerce
- B. Trusted Learning Clients list
- C. Default policy expression filter
- D. Advanced policy expression filter
Answer: B
NEW QUESTION 44
In PCRE, the only characters assumed to be literals are ___________ (Choose the correct option to complete the sentence.)
- A. a-z, A-Z
- B. A-Z
- C. a-z, A-Z, 0-9
- D. 0-9
Answer: A
NEW QUESTION 45
A Citrix Engineer has enabled transform action in SQL injection check.
What would the following parameter be transformed into?
- A. Citrix; OR '1' ='1
- B. Citrix OR "1"="1
- C. Citrix\ OR "1"="1
- D. Citrix OR "1"=/1
- E. Citrix/ OR "1"="1
Answer: C
NEW QUESTION 46
Which security model should a Citrix Engineer implement to ensure that only appropriate traffic that matches the expected application behavior is permitted to pass through to the web application?
- A. Negative
- B. Dynamic
- C. Hybrid
- D. Positive
Answer: D
NEW QUESTION 47
What can a Citrix Engineer implement to protect against the accidental disclosure of personally identifiable information (PII)?
- A. Cookie Consistency
- B. HTML Cross-Site Scripting
- C. Form Field Consistency
- D. Safe Object
Answer: D
NEW QUESTION 48
Scenario: A Citrix Engineer is using Citrix Application Delivery Management (ADM) to manage SSL certificates across all Citrix ADC instances. The engineer wants to distribute a new certificate to the devices. What, in addition to the certificate file, must the engineer provide when uploading the new certificate?
- A. Key File
- B. Root Certificate
- C. Certificate Signing Request (CSR)
- D. Serial Number File
Answer: A
NEW QUESTION 49
A Citrix Engineer observes that the servers hosting a critical application are crashing on a regular basis. Which protection could the engineer implement on a Citrix Web App Firewall in front of the application?
- A. Buffer Overflow Check
- B. HTML SQL Injection
- C. Start URL
- D. HTML Cross-Site Scripting (XSS)
Answer: A
NEW QUESTION 50
A Citrix Engineer has defined an HTTP Callout, hc_authorized_location, to return the value
"Authorized" if client's IP address is on a list of authorized external locations.
Which advanced expression should the engineer use in a policy for testing this condition?
- A. SYS.HTTP_CALLOUT(hc_authorized_location).IS_VALID
- B. SYS.HTTP_CALLOUT(hc_authorized_location).IS_TRUE
- C. SYS.HTTP_CALLOUT(hc_authorized_location).EQUALS_ANY("Authorized")
- D. SYS.HTTP_CALLOUT(hc_authorized_location).EQ("Authorized")
Answer: C
NEW QUESTION 51
Which Citrix Web App Firewall profile setting can a Citrix Engineer implement to remove non-essential content from web files to improve response time?
- A. Exclude Uploaded Files from Security Checks
- B. Exempt Closure URLs from Security Checks
- C. Strip HTML Comments
- D. Enable Form Tagging
Answer: C
NEW QUESTION 52
Which build-in TCP profile can a Citrix Engineer assign to a virtual server to improve performance for users who access an application from a secondary campus building over a fiber optic connection?
- A. nstcp_default_tcp_interactive_stream
- B. nstcp_default_tcp_lfp
- C. nstcp_default_tcp_lan
- D. nstcp_default_tcp_lnp
Answer: B
NEW QUESTION 53
Scenario: A Citrix Engineer observes that when going through NetScaler, user connections fail and users are unable to access Exchange server. However, users can connect directly to the Exchange server. After checking the logs, the engineer finds that the POST request is blocked through the NetScaler.
The log in/ var/log/ns.log is as follows:
Jul 20 11:00: 38 <local0.info>x.x.x. 1 07/20/2017:11:00:38 GMT ns 0-PPE-0:APPFW AF_400_RESP 29362 0: x.x.x.1 439800-PPEO- urlwdummy
https://test.abc.com/rpc/rpcproxy.dll?mail.sfmta.com:6004 Bad request headers. Content-length exceeds post body limit <blocked> Which parameter can the engineer modify to resolve the issue while maintaining security?
- A. Increase the POST body limit under common settings in Application Firewall profile settings.
- B. Increase the POST body limit using the HTTP profile.
- C. Add an Application Firewall policy with the expression "HTTP.REQ.METHOD.EQ(\ "POST"\)" with APPFW_BYPASS profile bound.
- D. Increase the Maximum Header Length under nshttp_default_profile.
Answer: A
NEW QUESTION 54
A Citrix Engineer executed the below commands on the NetScaler command-line interface (CLI):
add stream selector cacheStreamSelector http.req.url
add ns limitidentifiercacheRateLimitIdentifier threshold 5 timeSlice 2000 - selectorNamecacheStreamSelector add cache policy cacheRateLimitPolicy rule "http.req.method.eq(get) &&sys.check_limit (\
"cacheRateLimitIdentifier\")" action cache
bind cache global cacheRateLimitPolicy- priority 10
What will be the effect of executing these commands?
- A. NetScaler will cache a response if the request URL rate exceeds 5 per 2000 seconds.
- B. NetScaler will NOT cache a request if the request URL rate exceeds 5 per 2000 milliseconds.
- C. NetScaler will cache a response if the request URL rate exceeds 5 per 2000 milliseconds.
- D. NetScaler will cache a request if the request URL rate exceeds 5 per 2000 seconds.
Answer: D
NEW QUESTION 55
Scenario: A Citrix Engineer wants to use Citrix Application Delivery Management (ADM) to monitor a single Citrix ADC VPX with eight web applications and one Citrix Gateway. It is important that the collected data be protected.
Which deployment will satisfy the requirements?
- A. A pair of Citrix ADM virtual appliances configured for High Availability.
- B. A single Citrix ADM with database replication to a secondary storage repository.
- C. A pair of Citrix ADM virtual appliances, each working independently.
- D. A single Citrix ADM imported onto the same hypervisor as the Citrix ADC VPX.
Answer: A
NEW QUESTION 56
Scenario: A Citrix Engineer has configured LDAP group extraction on the NetScaler Management and Analytics System (NMAS) for the administration. The engineer observes that extraction is NOT working for one of the five configured groups.
What could be the cause of the issue?
- A. The NMAS group does NOT match the one on the external LDAP servers.
- B. The LDAP bind DN is incorrectly configured in the LDAP profile.
- C. The admin bind user has read-only permissions on the LDAP server.
- D. The user group extraction is NOT supported with plaintext LDAP.
Answer: A
NEW QUESTION 57
A Citrix Engineer is considered that malicious users could exploit a web system by sending a large cookie.
Which security check can the engineer implement to address this concern?
- A. Buffer Overflow
- B. Field Formats
- C. Start URL
- D. Content-type
Answer: A
NEW QUESTION 58
......
For more info visit:
Free 1Y0-341 braindumps download: https://www.realvce.com/1Y0-341_free-dumps.html
1Y0-341 Dumps for Pass Guaranteed - Pass 1Y0-341 Exam: https://drive.google.com/open?id=19BS2zCF58Jsi06bT0odMt6IwsPOPbs4h