Achieve New Updated (September) Citrix 1Y0-351 Examination Questions 21-30

Ensurepass

 

QUESTION 21

A NetScaler Engineer needs to audit extended Access Control List (ACL) hits. Which two areas would the engineer enable logging so that the ACL hits could be stored in the /var/log/ns.log? (Choose two.)

 

A.

The ACL

B.

The syslogAction

C.

The nslog parameters

D.

The syslog parameters

 

Correct Answer: AD

 

 

QUESTION 22

Scenario: When the NetScaler was set up, compression was enabled. The network engineer would like to disable compression ONLY for a particular virtual server. How could the engineer accomplish this?

 

A.

Uncheck Compression in the system basic features.

B.

Create a policy with a NOCOMPRESS action, bound to the global request point.

C.

Disable compression on the services or service groups bound to the virtual server.

D.

Create a policy with a NOCOMPRESS action, bound the virtual server Compression (request) point.

 

Correct Answer: C

 

 

QUESTION 23

Which SSL parameter should an engineer configure to bind multiple certificate key pairs to a virtual server?

 

A.

SNI enable

B.

Session reuse

C.

Send close-notify

D.

Client authentication

 

Correct Answer: A

 

 

QUESTION 24

A NetScaler Engineer would like to encrypt the LDAP authentication traffic from a NetScaler to the internal LDAP servers. Which type of load-balancing service should the engineer create?

 

A.

SSL

B.

TCP

C.

RADIUS

D.

SSL_TCP

 

Correct Answer: D

 

 

 

 

QUESTION 25

Which option must a NetScaler Engineer set to enable client keep-alive mode?

 

A.

-cka yes

B.

-usip yes

C.

-cip disabled

D.

-useproxyport yes

 

Correct Answer: A

 

 

QUESTION 26

Scenario: A NetScaler Engineer must implement load-balancing on a web server farm that serves video clips to end users. Video clip files vary in size. The engineer needs to send traffic to the server with the least amount of network utilization. Which load-balancing method should the engineer use?

 

A.

Least Request

B.

Least Bandwidth

C.

Least Connection

D.

Least Response Time

 

Correct Answer: B

 

 

QUESTION 27

Scenario: A NetScaler Engineer has created a local account for a user according to the below configuration:

 

add system user NSUser userpassword -timeout 900

 

add system group “NetScaler users” -timeout 900

 

add system cmdPolicy netscaler-users ALLOW

“(^man.*)|(^shows+(?!system)(?!configstatus)(?!ns ns.conf)(?!ns savedconfig)(?!ns runningConfig)(?!gslb runningConfig)(?!audit messages)(?!techsupport).*)|(^stat.*)”

 

bind system group “NetScaler users” -userName NSUser

 

bind system group “NetScaler users” -policyName netscaler-users 100

 

The user is able to log on but is NOT able to execute certain commands. The engineer goes back and looks at the logs, and the following is displayed:

 

Oct 6 13:34:15 <local0.info> 192.168.10.50 10/06/2014:13:34:15 GMT ns1 0-PPE-0 : CLI CMD_EXECUTED 4303 0 : User NSUser – Remote_ip 192.168.10.10 – Command “show ns runningConfig” – Status “ERROR: Not authorized to execute this command”

 

Why is the command NOT working for the user?

 

A.

cmdPolicy is NOT configured to allow the command

B.

cmdPolicy should be set to DENY, instead of ALLOW

C.

The user should be bound to the cmdPolicy netscaler-users

D.

The priority of the cmdPolicy bound to the group “NetScaler users” should be higher

Correct Answer: A

 

 

QUESTION 28

What is the purpose of binding Certificate Authority (CA) certificates to a virtual server?

 

A.

For SSL Offload

B.

To validate the server certificate

C.

For client certificate authentication

D.

To provide intermediate certificates to the client

 

Correct Answer: C

 

 

QUESTION 29

When a network engineer logs onto a new NetScaler device in the London datacenter, data output indicates that the device is NOT configured for the local time. How can the network engineer synchronize the correct time with an NTP server in the local data center?

 

A.

Configure the correct time from the GUI and restart.

B.

Modify the ntp.conf and rc.netscaler files and restart.

C.

Logon using the nsrecover/nsroot credentials and restart.

D.

Configure the NetScaler as a secondary NTP server and restart.

 

Correct Answer: B

 

 

QUESTION 30

When would it be necessary to configure Failover Interface Set (FIS) in an environment that has two NetScaler appliances in high availability (HA) mode?

 

A.

Link redundancy is required.

B.

Route monitors are required.

C.

HA monitor is disabled in some interfaces.

D.

The NetScaler appliances are configured on different networks.

 

Correct Answer: A

Free VCE & PDF File for Citrix 1Y0-351 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

 

This entry was posted in 1Y0-351 Examination questions (September) and tagged , , , , , , . Bookmark the permalink.