Download Latest (June) Citrix 1Y0-351 Practice Test 61-70

Ensurepass

 

QUESTION 61

Scenario: The NetScaler is configured with a NSIP of 10.20.30.40. Management access is NOT enabled on any other IP address.

 

Which command should an engineer execute to prevent access to the NetScaler using HTTP and only allow HTTPS access?

 

A.

set ns ip 10.20.30.40 -gui disabled -telnet disabled

B.

set ip 10.20.30.40 -gui secureonly -mgmtaccess enabled

C.

set ip 10.20.30.40 -mgmtaccess disabled -gui secureonly

D.

set ns ip 10.20.30.40 -gui enabled -restrictAccess enabled

 

Answer: B

 

 

QUESTION 62

During a recent security penetration test, several ports on the management address were identified as providing unsecured services.

 

Which two methods could the network engineer use to restrict these services? (Choose two.)

 

A.

Configure Auditing policies.

B.

Create Content Filtering policies.

C.

Create Access Control Lists (ACLs).

D.

Configure options on the Management IP addresses.

 

Answer: CD

 

 

QUESTION 63

Scenario: A network engineer deployed a new NetScaler MPX appliance on the network

 

 

 

Citrix 1Y0-351 : Practice Test

and all interfaces are connected to the core switch. The network engineer notices the CPU utilization has become very high on the switch since the NetScaler deployment.

 

Which two actions could the engineer perform on the NetScaler to resolve this issue? (Choose two.)

 

A.

Configure VMAC

B.

Utilize static routing

C.

Configure a channel

D.

Connect a single interface only

 

Answer: CD

 

 

QUESTION 64

A network engineer needs to investigate why a few users have issues logging on to the NetScaler system. How can the engineer troubleshoot authentication issues on the NetScaler system?

 

A.

Use ECV monitoring.

B.

Run a violations report in Reporting.

C.

Use the CAT aaad.debug command.

D.

Check the system-authentication setting in the GUI.

 

Answer: C

Explanation:drop the the shell and the file is located at:

/tmp/aaad.debug

 

clip_image002

 

 

QUESTION 65

Citrix 1Y0-351 : Practice Test

Which step could a network engineer take to prevent brute force logon attacks?

 

A.

Enable the Rate Limiting feature.

B.

Enable the AAA Application feature.

C.

Configure the Access Gateway policies.

D.

Configure the Cache redirection policies.

 

Answer: A

 

 

QUESTION 66

A network engineer wants to hide the IP address of the outgoing packets by changing it to the IP of the VIP.

 

Which feature should the administrator use?

 

A.

ACL

B.

PBR

C.

RNAT

D.

Rewrite

 

Answer: C

 

 

QUESTION 67

Scenario: A network engineer has configured an HTTP application to be load balanced using a virtual server named Svr1. Users have reported intermittent errors and the engineer has been given the client IP address of an affected user and asked to determine which back end service they are connected to.

 

Using the command-line interface, how could the engineer find this information?

 

A.

Show lb vServer Svr1

B.

Show system session

C.

Show lb vServer Svr1 -Summary

D.

Show lb persistentSessions Svr1

 

Answer: D

Citrix 1Y0-351 : Practice Test

 

 

QUESTION 68

A network engineer is testing a new load balancing virtual server “test” that has the service group “test-grp” bound to it.

 

Which command could the engineer run to show connection details for the new virtual server?

 

A.

show server

B.

show services

C.

show servicegroups

D.

show connectiontable

 

Answer: D

 

 

QUESTION 69

When binding a certificate to a virtual server, which two certificate formats are supported by NetScaler? (Choose two.)

 

A.

P7B

B.

PFX

C.

PEM

D.

DER

 

Answer: CD

 

 

QUESTION 70

Scenario: The NetScaler has connections to a large number of VPNs. The network engineer wants to minimize the number of ARP requests.

 

Which feature should the network engineer enable to minimize ARP requests?

 

A.

TCP Buffering

 

 

 

Citrix 1Y0-351 : Practice Test

B.

Use Source IP

C.

Edge Configuration

D.

MAC based forwarding

 

Answer: D

 

 

Free VCE & PDF File for Citrix 1Y0-351 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

This entry was posted in 1Y0-351 Practice Tests (June) and tagged , , , , , , . Bookmark the permalink.