Citrix 1Y0-440 問題集

質問 1：
Scenario: A Citrix Architect needs to assess an existing on-premises NetScaler deployment which includes Advanced Endpoint Analysis scans. During a previous security audit, the team discovered that certain endpoint devices were able to perform unauthorized actions despite NOT meeting pre-established criteria.
The issue was isolated to several endpoint analysis (EPA) scan settings.
Click the Exhibit button to view the endpoint security requirements and configured EPA policy settings.

Which setting is preventing the security requirements of the organization from being met?
A. Item 3
B. Item 2
C. Item 4
D. Item 6
正解：D

質問 2：
Scenario: A Citrix Architect has deployed two MPX devices, 12.0.53.13 nc and MPX 11500 models, in a high availability (HA) pair for the Workspace labs team. The deployment method is two-arm. and the devices are installed behind a CISCO ASA 5585 firewall. The architect enables the following features on the Citrix ADC devices: Content Switching. SSL Offloading, Load Balancing, Citrix Gateway, Application Firewall in hybrid security, and Appflow. All are enabled to send monitoring information to Citrix Application Delivery Management 12.0.53.13 nc build. The architect is preparing to configure load balancing for Microsoft Exchange 2016 server.
The following requirements were discussed during the implementation:
All traffic needs to be segregated based on applications, and the fewest number of IP addresses should be utilized during the configuration.
All traffic should be secured, and any traffic coming into HTTP should be redirected to HTTPS.
Single Sign-on should be created for Microsoft Outlook web access (OWA).
Citrix ADC should recognize Uniform Resource Identifier (URI) and close the session to Citrix ADC, when users hit the Logoff button in Microsoft Outlook web access.
Users should be able to authenticate using user principal name (UPN).
The Layer 7 monitor should be configured to monitor the Microsoft Outlook web access servers, and the monitor probes must be sent on SSL.
Which Responder policy can be utilized to redirect the users from http://mail.citrix.com to https://mail.citrix.com/owa?
A. add responder action Act redirect ""http://mail.citrix.com/owa/"" -responseStatusCode 302 add responder policy pol "HTTP.REQ.IS_NOTVALID Act
B. add responder action Act redirect ""http://mail.citrix.com/owa/"" -responseStatusCode 302 add responder policy pol "http.REQ.URL.PATH_AND_QUERY.EQ("/")" Act
C. add responder action Act redirect ""https://mail.citrix.com/owa/"" -responseStatusCode 307 add responder policy pol "HTTP.REQ.IS_NOTVALID Act
D. add responder action Act redirect ""https://mail.citrix.com/owa/"" -responseStatusCode 302 add responder policy pol "http.REQ.URL.PATH_AND_QUERY.EQ("/")" Act
正解：D

質問 3：
Scenario: A Citrix Architect has configured two MPX devices in high availability mode with version 12.0.53.13 nc. After a discussion with the security team, the architect enabled the Application Firewall feature for additional protection.
In the initial deployment phase, the following security features were enabled:
IP address reputation
HTML SQL injection check
Start URL
HTML Cross-site scripting
Form-field consistency
After deployment in pre-production, the team identifies the following additional security features and changes as further requirements:
Application Firewall should retain the response of form field in its memory. When a client submits the form in the request, Application Firewall should check for inconsistencies in the request before sending it to the web server.
All the requests dropped by Application Firewall should get a pre-configured HTML error page with appropriate information.
The Application Firewall profile should be able to handle the data from the RSS feed and an ATOM-based site. Click the Exhibit button to view an excerpt of the existing configuration.

What should the architect do to meet these requirements?
A. Configure a new HTML profile and use previously used Application Firewall security checks.
B. Configure a new profile with XML and use previously used Application Firewall security checks.
C. Modify an existing HTML profile and disable 'Drop invalid security check'
D. Configure a new profile with web 2.0 and use the previously used Application Firewall security checks.
正解：D

質問 4：
Scenario: Based on a discussion between a Citrix Architect and a team of Workspacelab members, the MPX Logical layout for Workspacelab has been created across three (3) sites.
They captured the following requirements during the design discussion held for a Citrix ADC design project:
All three (3) Workspacelab sites (DC NDR and DR) will have similar Citrix ADC configurations and design Both external and internal Citrix ADC MPX appliances will have Global Server Load Balancing (GSLB) configured and deployed in Active/Passive mode GSLB should resolve both A and AAA DNS queries.
In the GSLB deployment the NDR site will act as backup for the DC site, whereas the DR site will act as backup for the NDR site When the external Citrix ADC replies to DNS traffic coming in through Cisco Firepower IPS the replies should be sent back through the same path On the internal Citrix ADC. both front-end VIP and back-end SNIP will be part of the same subnet USIP is configured on the DMZ Citrix ADC appliances The external Citrix ADC will act as default gateway for back-end servers.
All three (3) sites (DC, NDR, and DR) will have two (2) links to the Internet from different service providers configured in Active/Standby mode Which design decision must the architect make to meet the design requirements above?
A. Mac Based Routing must be configured on the External Citrix ADC
B. Interface 0/1 must be used for DNS traffic
C. The SNIP of the internal Citrix ADC must be configured as the default gateway on the back-end servers.
D. The SNIP of the external Citrix ADC must be configured as default gateway on the back-end servers
E. ADNS service must be used with IPv6 address
正解：C

質問 5：
Scenario: A Citrix Architect has sent the following request to the NetScaler:

Which response would indicate the successful execution of the NITRO command?
A. 201
B. 202
C. 302
D. 200
正解：A
解説: (Topexam メンバーにのみ表示されます)