Achieve New Updated (September) Citrix 1Y0-351 Examination Questions 1-10

Ensurepass

QUESTION 1

Scenario: A NetScaler Engineer is using the DataStream feature. The NetScaler appliance is located in front of a MySQL Database server in the network topology.

 

The engineer would like to block requests that would drop a database. The engineer comes up with the expression MYSQL.REQ.QUERY.TEXT.CONTAINS(“drop database”).

 

The engineer should configure the expression with the ___________ feature to block these requests. (Choose the correct option to complete the sentence.)

 

A.

Responder

B.

Rate Limiting

C.

Content Filtering

D.

Access Control List

 

Correct Answer: A

 

 

QUESTION 2

Server Name Indication (SNI) is required when __________. (Choose the correct option to complete the sentence.)

 

A.

TLS 1.1/1.2 is enabled exclusively

B.

a SAN extension certificate is used

C.

multiple certificates are used on multiple domains on the same VServer

D.

configuring a content switching SSL VServer with a single domain certificate

 

Correct Answer: C

 

 

QUESTION 3

Scenario: A NetScaler Engineer is troubleshooting an issue and using /var/log/ns.log to view the errors.

 

The logs are being filled with messages like the ones below:

 

Oct 6 14:03:23 <local0.info> 192.168.10.50 10/06/2014:14:03:23 GMT ns1 0-PPE-0 : TCP CONN_DELINK 4471 0 : Source 192.168.10.10:52187 – Vserver 192.168.10.50:80 – NatIP 192.168.10.10:52187 – Destination 192.168.10.50:80 – Delink Time 10/06/2014:14:03:23 GMT – Total_bytes_send 1075 – Total_bytes_recv 352

 

Oct 6 14:03:30 <local0.info> 192.168.10.50 10/06/2014:14:03:30 GMT ns1 0-PPE-0 : TCP CONN_TERMINATE 4472 0 : Source 192.168.10.35:80 – Destination 192.168.10.51:35341  Start Time 10/06/2014:14:02:43 GMT – End Time 10/06/2014:14:03:30 GMT – Total_bytes_send 1 – Total_bytes_recv 1

 

Oct 6 14:03:30 <local0.info> 192.168.10.50 10/06/2014:14:03:30 GMT ns1 0-PPE-0 : TCP CONN_TERMINATE 4473 0 : Source 127.0.0.1:7776 – Destination 127.0.0.2:55623 – Start Time 10/06/2014:14:02:45 GMT – End Time 10/06/2014:14:03:30 GMT – Total_bytes_send 1 – Total_bytes_recv 1

 

Oct 6 14:03:30 <local0.info> 192.168.10.50 10/06/2014:14:03:30 GMT ns1 0-PPE-0 : TCP CONN_TERMINATE 4474 0 : Source 127.0.0.1:80 – Destination 127.0.0.2:39771 – Start Time 10/06/2014:14:02:46 GMT – End Time 10/06/2014:14:03:30 GMT – Total_bytes_send 1 – Total_bytes_recv 1

Which option should the engineer modify to stop these types of messages from getting logged in /var/log/ns.log?

 

A.

ACL logging in the nslog parameters

B.

ACL logging in the syslog parameters

C.

TCP logging in the nslog parameters

D.

TCP logging in the syslog parameters

 

Correct Answer: D

 

 

QUESTION 4

Scenario: A NetScaler Engineer needs to enable access to a load-balancing virtual server from two customers that belong to different VLANs, VLAN500 and VLAN600. Each customer must access the services and servers specific to their VLAN and should never be able to reach another customer service or servers. Traffic Domain (TD) 1 has been created for VLAN500 and Traffic Domain (TD) 2 for VLAN600. Load-balancing services have also been created for each server on TD1 and TD2. The TD for the virtual server is TD 3 and IP address 172.10.0.30. In order to complete this setup, the engineer should create a load-balancing virtual server with IP 172.10.0.30 on TD 3 and use __________. (Choose the correct option to complete the sentence.)

 

A.

TD2 services as a backup virtual server

B.

TD1 and TD2 services on one virtual server

C.

TD1 and TD2 services on two virtual servers

D.

TD1 on one virtual server and TD2 on second

 

Correct Answer: D

 

 

QUESTION 5

A network engineer might choose to use SSL_Bridge instead of a SSL virtual server in order to __________. (Choose the correct option to complete the sentence.)

 

A.

be able to decrypt the SSL traffic

B.

enable use of OCSP for revoked certificates

C.

pass user certificates to the back-end servers

D.

enable SSL server certificates on the service group

 

Correct Answer: C

 

 

QUESTION 6

Which two NetScaler command-line interface commands could an engineer execute to change TCP Window Scaling settings on the NetScaler? (Choose two.)

 

A.

set netProfile

B.

add ns tcpProfile

C.

unset ns tcpParam

D.

set ns tcpbufParam

E.

add autoscale profile

 

Correct Answer: BC

 

QUESTION 7

What is the only input format supported by the NetScaler when using the NetScaler Certificate Import wizard within the configuration utility?

 

A.

JKS

B.

PEM

C.

DER

D.

PKCS#12

 

Correct Answer: D

 

 

QUESTION 8

Scenario: A network engineer would like to prevent blacklisted remote clients from accessing NetScaler hosted application services. An IP address blacklist database is maintained by an external company and available to query over the Internet. The engineer would like to reject any connections from IP addresses that are contained in the blacklist. What could the engineer configure to achieve this goal?

 

A.

SSL offload

B.

HTTP callout

C.

URL transformation

D.

SSL certification revocation list check

 

Correct Answer: B

 

 

QUESTION 9

Scenario: A NetScaler Engineer is viewing Authentication, Authorization and Access (AAA) events on the NetScaler appliance to determine why a user is unable to log on. The events below have been logged during this timeframe:

 

Fri Oct 17 18:17:16 2014

 

/usr/home/build/rs_80_48/usr.src/usr.bin/nsaaad/../../netscaler/aaad/ldap_drv.c[40]:

start_ldap_auth attempting to

 

auth scottli @ 10.12.33.216

 

Fri Oct 17 18:17:18 2014

 

/usr/home/build/rs_80_48/usr.src/usr.bin/nsaaad/../../netscaler/aaad/ldap_drv.c[291]:

recieve_ldap_bind_event receive ldap bind event

 

Fri Oct 17 18:17:18 2014

 

/usr/home/build/rs_80_48/usr.src/usr.bin/nsaaad/../../netscaler/aaad/ldap_drv.c[326]:

 

recieve_ldap_bind_event ldap_bind with binddn bindpw failed:Invalid credentials Fri Oct 17

18:17:18 2014

 

/usr/home/build/rs_80_48/usr.src/usr.bin/nsaaad/../../netscaler/aaad/naaad.c[1198]:

send_reject sending reject to kernel for : scottli

 

What is the root cause of this issue?

A.

The LDAP Base DN is incorrect.

B.

The Bind DN credentials are invalid.

C.

The LDAP server is NOT responding.

D.

The user has entered an invalid password.

 

Correct Answer: B

 

 

QUESTION 10

Which connection state is included in the Current Server Connections parameter, but not affected by Max Clients?

 

A.

Open

B.

Listen

C.

Closing

D.

Open Established

 < /p>

Correct Answer: C

Free VCE & PDF File for Citrix 1Y0-351 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in 1Y0-351 Examination questions (September) and tagged , , , , , , . Bookmark the permalink.