getcertified4sure.com

1y0-340 Exam

Citrix 1y0-340 Practice 2021




Proper study guides for Improved Citrix Analyzing Citrix NetScaler Advanced Topics: Security - Management - and Optimization certified begins with Citrix 1y0-340 preparation products which designed to deliver the Guaranteed 1y0-340 questions by making you pass the 1y0-340 test at your first time. Try the free 1y0-340 demo right now.

NEW QUESTION 1
Scenario: A Citrix Engineer has configured a NetScaler Management Analytics System (NMAS) policy mandating that all certificates must have minimum key strengths of 2048 bits and must be authorized by trusted CA/Issuers.
How does NMAS alert the engineer about non-compliance?

  • A. NMAS highlights any non-compliance with the ‘Non-Recommended’ tag.
  • B. NMAS disables any non-compliant policies.
  • C. NMAS does NOT alert the engineer.
  • D. NMAS disables any non-compliant certificates.

Answer: A

NEW QUESTION 2
Which NetScaler Management and Analytics System (NMAS) feature will assist the Citrix Engineer in gathering the required data for issues with Endpoint Analysis?

  • A. Security Insight
  • B. Web Insight
  • C. HDX Insight
  • D. Gateway Insight

Answer: A

NEW QUESTION 3
Scenario: A Citrix Engineer must enable a cookie consistency security check and ensure that all the session cookies get encrypted during the transaction. The engineer needs to ensure that none of the persistent coolies are encrypted and decrypted and decrypt any encrypted cookies during the transaction.
Which cookie consistency security feature will the engineer configure in the following configuration to achieve the desired results?
add appfw profile Test123 –startURLAction none- denyURLAction none- cookieConsistencyAction log
–cookieTransforms ON –cookieEncryption ecryptSessionOnly –addCookieFlags httpOnly
–crossSiteScriptingAction none- SQLInjectionAction log stats –SQLInjectionTransfrormSpecialChars ON- SQLInjectionCheckSQLWildChars ON –fieldFormatAction none –bufferOverflowAction none
–responseContentType “application/octet-stream”- XMLSQLInjectionAction none –XMLXSSAction none-XMLWSIAction none- XMLValidationAction none

  • A. Configure Encrypt Server cookies to “Encrypt All”
  • B. Configure Encrypt Server cookies to “None”
  • C. Configure Encrypt Server cookies to “Encrypt Session Only”
  • D. Configure Encrypt Server cookies to “Encrypt only”

Answer: B

NEW QUESTION 4
A Citrix Engineer configures the integrated caching feature to cache both static and dynamic content, but the integrated cache feature does NOT work as expected.
Which two resources can the engineer use to troubleshoot this integrated cache issue? (Choose two.)

  • A. core dump
  • B. dmesg
  • C. nstrace
  • D. ns.conf
  • E. sysctl-a

Answer: CD

Explanation:
Reference
https://docs.citrix.com/en-us/netscaler/11/optimization/integrated-caching/troubleshooting-integrated-caching.ht

NEW QUESTION 5
The NetScaler Management and Analytics System (NMAS) needs to communicate with NetScaler instances on the Microsoft Azure and Amazon Web Services (AWS) clouds.
Which configuration must a Citrix Engineer make to meet this requirement?

  • A. Layer 2 tunnel between NetScaler MAS and the NetScaler VPX instances.
  • B. Layer 3 tunnel between NetScaler MAS and the NetScaler VPX instances.
  • C. Layer 2 Tunneling Protocol (L2TP) connection to the NetScaler VPX instances.
  • D. NetScaler MAS in the cloud.

Answer: B

NEW QUESTION 6
A Citrix Engineer needs to set the rate at which connections are proxied from the NetScaler to the server. Which values should the engineer configure for Surge Protection?

  • A. UDP Threshold and Start Port
  • B. Grant Quota and Buffer Size
  • C. TCP Threshold and Reset Threshold
  • D. Base Threshold and Throttle

Answer: D

NEW QUESTION 7
Scenario: A Citrix Engineer has created a default admin user with username Admin1 and password ‘nsroot’ for the tenant example-online. However, the tenant administrator is unable to log in as username Admin1 and password ‘nsroot’.
Which action resolves this problem?

  • A. User should use the system administrator credentials to login.
  • B. The user BIND DN should be specified.
  • C. The default password must be change before login.
  • D. User should enter username as example-onlineAdmin1.

Answer: B

NEW QUESTION 8
A Citrix Engineer has configured SQL Injection security check to block all special characters. Which two requests will be blocked after enabling this check? (Choose two.)

  • A. Citrix; Sqltest
  • B. 175// OR 1//=1//
  • C. Citrix” OR “1”=”1
  • D. Citrix OR 1=1
  • E. 175’ OR ‘1’= ‘1’

Answer: AB

NEW QUESTION 9
Which two actions can a Citrix Engineer use to provide Denial of Service (DoS) protection with the AppQoE feature? (Choose two.)

  • A. Simple Response
  • B. HICResponse
  • C. Denial Response
  • D. Complex Response

Answer: AB

NEW QUESTION 10
Scenario: A Citrix Engineer has configured NetScaler Management and Analytics System (NMAS) with the default settings. In this configuration, the total number of virtual servers is lower than the number of installed virtual server licenses.
Which type of virtual server will NOT be automatically licensed by the NMAS on discovered instances?

  • A. Non-addressable virtual server
  • B. Load Balancing virtual server
  • C. SSL Offload virtual server
  • D. Content Switching virtual server

Answer: A

NEW QUESTION 11
Scenario: A Citrix Engineer configured an HTTP Denial-of-Service (DoS) protection policy by setting the Surge Queue depth to 300. The surge queue reaches a size of 308, triggering the NetScaler “attack” mode. The HTTP DoS window mechanism is left at the default size which, when reached, will trigger “no-attack” mode.
Which queue depth value must the Surge Queue be to trigger the “no-attack” mode?

  • A. size should be less than 280.
  • B. size should be 300.
  • C. size should be 290.
  • D. size should be between 280 and 300.

Answer: A

NEW QUESTION 12
Which meta-character can be used as a wildcard to match a single character in a given position?

  • A. A forward slash (/)
  • B. A period (.)
  • C. An asterisk (*)
  • D. A dollar Sign ($)

Answer: D

NEW QUESTION 13
A company has experienced an outage of their mission-critical website. Upon investigation, the Citrix Engineer determines that the following command was executed on the website:
DROP TABLE table_name
Which security check would have prevented this issue?

  • A. HTML SQL Injection
  • B. Form Field Consistency
  • C. HTML Cross-Site Scripting
  • D. Field Formats

Answer: A

NEW QUESTION 14
Which requirement must be addressed to implement the IP Reputation feature on a NetScaler MPX appliance?

  • A. The NetScaler appliance must be able to connect to api.bcti.brightcloud.com on port 443.
  • B. The NetScaler appliance must be able to connect to wiprep-rtu.s3-us-west-2.amazonaws.com on port 80.
  • C. The NetScaler appliance must be able to connect to api.bcss.brightcloud.com on port 80.
  • D. The NetScaler appliance must be able to connect to wiprep-rtu.s3-us-west-2.amazonaws.com on port 443.

Answer: A

NEW QUESTION 15
Which NetScaler Management Analytics System (NMAS) feature can the Citrix Engineer use to convert configuration tasks performed using the GUI to CLI commands?

  • A. Master Configuration
  • B. Inbuilt Template
  • C. Record-and-Play
  • D. Configuration Template

Answer: C

NEW QUESTION 16
A Citrix Engineer needs to configure the authentication feature on NetScaler Management and Analytics System (NMAS) to enable local authentication to take over if the external authentication fails.
What can the engineer configure to meet this requirement?

  • A. Select LOCAL as the Server Type when configuring authentication.
  • B. Select EXTERNAL as the Server Type when configuring authentication.
  • C. Enable the fallback local authentication option.
  • D. Configure Cascade authentication with External as primary and LOCAL as secondary.

Answer: B

NEW QUESTION 17
What criteria must be met in order to create a certificate bundle by linking multiple certificates in NetScaler Management and Analytics System (NMAS)?

  • A. The issuer of the first certificate must match the domain of the second certificate.
  • B. The issuer if the first certificate must NOT have issued the second certificate.
  • C. The certificates must be created on the NetScaler.
  • D. The certificates must be issued by an external Certificate Authority.

Answer: A

NEW QUESTION 18
A Citrix Engineer needs to write a regular expression to treat the URL www.citrix.com as a literal string. Which regular expression can the engineer use?

  • A. www$.citrix$.com
  • B. [www]. [citrix]. [com]
  • C. www+.citrix+.com
  • D. www.citrix.com

Answer: B

NEW QUESTION 19
A Citrix Engineer needs to implement Application Firewall to prevent the following tampering and vulnerabilities:
-If web server does NOT send a field to the user, the check should NOT allow the user to add that field and return data in the field.
-If a field is a read-only or hidden field, the check verifies that data has NOT changed.
-If a field is a list box or radio button field, the check verifies that data in the response corresponds to one of the values in that field.
Which security check can the engineer enable to meet this requirement?

  • A. Field Formats
  • B. Form Field Consistency
  • C. HTML Cross-Site Scripting
  • D. CSRF Form Tagging

Answer: B

NEW QUESTION 20
The NetScaler logging client server can be installed and configured to store the log for . (Choose the correct option to complete the sentence.)

  • A. HTTP and HTTPS active connections on the NetScaler
  • B. HTTP and HTTPS requests processed by the NetScaler
  • C. statistics of the HTTP and HTTPS web sites load balanced on NetScaler
  • D. status of all the HTTP and HTTPS backend web servers

Answer: B

NEW QUESTION 21
Which reason can cause fail over in a NetScaler Management and Analytics System (NMAS) High Availability pair?

  • A. A secondary server loses connectivity in the LAN.
  • B. The engineer manually forces the secondary server to shut down.
  • C. A primary server encounters a critical software issue.
  • D. A primary server does NOT receive the SNMP traps from the instances connected.

Answer: C

NEW QUESTION 22
Scenario: A Citrix Engineer receives the following error when accessing content from a virtual server: “Page cannot be displayed.”
However, the content is accessible when connecting directly to the web server.
The engineer captured the traffic using nstrace and found that the amount of data sent from the web server exceeds the content length defined in the HTTP header.
Which action can the engineer take to resolve the issue?

  • A. Disable Drop extra CRLF in the HTTP Profile.
  • B. Enable Drop extra data from server in the HTTP Profile.
  • C. Increase the Content length in the Application Firewall Profile.
  • D. Disable Drop extra data from server in the HTTP Profile.

Answer: B

NEW QUESTION 23
Scenario: A Citrix Engineer discovers a security vulnerability in one of its websites. The engineer takes a header trace and checks the Application Firewall logs.
The following was found in part of the logs:
method=GET
request = http://my.companysite.net/FFC/sc11.html msg=URL length (39) is greater than maximum allowed (20).cn1=707 cn2=402 cs1=owa_profile cs2=PPE0 cs3=kW49GcKbnwKByByi3+jeNzfgWa80000 cs4=ALERT cs5=2015
Which type of Application Firewall security check can the engineer configure to block this type of attack?

  • A. Buffer Overflow
  • B. Start URL
  • C. Cross-site Scripting
  • D. Cookie Consistency

Answer: C

NEW QUESTION 24
Scenario: A Citrix Engineer has migrated an application to NetScaler to secure it from application layer attacks. The engineer receives a complaint that the application is timing out while users are actively accessing the page. Those users are forced to reestablish the connection.
What can be the cause of this issue?

  • A. The maximum session lifetime is NOT configured.
  • B. The session time out is configured to a low value.
  • C. The application is configured with a low session timeout.
  • D. The maximum session lifetime is less than the session timeout.

Answer: B

NEW QUESTION 25
A Citrix Engineer needs to deploy the NetScaler Management and Analytics System (NMAS) in their company environment to ensure that NMAS provides uninterrupted operation in all situations.
Which deployment type can meet this requirement?

  • A. Active-Active High Availability Mode
  • B. Single-Server Deployment Mode
  • C. NMAS integrated with Director mode
  • D. Active-Passive High Availability Mode

Answer: A

NEW QUESTION 26
......

Recommend!! Get the Full 1y0-340 dumps in VCE and PDF From Dumpscollection, Welcome to Download: http://www.dumpscollection.net/dumps/1y0-340/ (New 106 Q&As Version)