MoreExam
1. Question Content...
EXPLANATION
Answer: X - EXPLANATION Content.
Question1: Which action can be used to place the rule on the relaxation list without being deployed and ensuring that the rule is NOT learned again?
Question2: Scenario: A Citrix Engineer configures an Application Firewall HTML SQL Injection Check and sets it to BLOCK and to use SQLSplCharANDKeyword as the SQL injection type. The engineer checks the logs and finds that nothing is being blocked.What can be the cause of the Application Firewall failing to block the attack?
Question3: When the NetScaler marks a client connection as "non-trackable", the default behavior of the NetScaler without making any change to the HTTP Profile is to ______. (Choose the correct option to complete the sentence.)
Question4: Which is a single-digit rating system that indicates the criticalness of attacks on the application, regardless of whether or NOT the application is protected by a NetScaler appliance?
Question5: Which method is used by NetScaler Management and Analytics System (NMAS) to gather licensing information from NetScaler?
Question6: Which setting should be enabled to convert the content-length form submission requests to chunked requests, when HTML SQL Injection protection is enabled?
Question7: Scenario: A Citrix Engineer has configured an IP Reputation policy and Profile in Application Firewall.However, the engineer is NOT able to see any hits on the policy during testing. Which logs can the engineer check to ensure that IP Reputation is configured correctly?
Question8: A Citrix Engineer needs to prevent an attack against insecure operating-system or web-server software.The attack can cause the system to crash or behave unpredictably when it receives a data string that is larger than it can handle.Which security check on the Application Firewall can the engineer enable to prevent such attacks?
Question9: Which logging does an engineer need to enable as a pre -requisite to geolocation - based logging?
Question10: A Citrix Engineer is configuring an Application Firewall Policy to protect a website.Which expression will the engineer use in the policy?
Question11: Which two security checks invoke sessionization? (Choose two.)
Question12: A Citrix Engineer needs to migrate the NetScaler Insight Center virtual appliance to NetScaler Management and Analytics System (NMAS).Which two actions should be met before migrating the NetScaler Insight Center virtual appliance to NMAS?(Choose two.)
Question13: Scenario: A Citrix Engineer needs to configure an Application Firewall policy for an online shopping website called "mycompany.com". As a security measure, the shopping cart application is hosted on a separate directory "/mycart" on the backend server. The engineer configured a profile to secure the connections to this shopping cart and now needs to ensure that this profile is allied to all incoming connections to the shopping cart.Which policy expression will accomplish this requirement?
Question14: Scenario: A Citrix Engineer has a project to enable Integrated Caching on a NetScaler for a Financial Consulting company whose clients monitor their stocks in real time. Clients are reporting a delay in the displaying of the stock values.What can the engineer configure on the NetScaler to enable data to be presented to the clients in real time?
Question15: Scenario: A Citrix Engineer needs to configure the Application Firewall to do a credit card check using the command-line interface (CLI) and configure the profile to obscure the credit card number. Which parameter will the engineer add in the CLI to encrypt the credit card numbers in the logs?
Question16: Scenario: A Citrix Engineer is configuring a Buffer Overflow Security Check. When configuring the options, the engineer notices that the Learn Mode is unavailable. Why is the Learn Mode unavailable in this configuration?
Question17: Which content type takes the maximum advantage of web caching mechanisms to boost performance?
Question18: A Citrix Engineer needs to implement a rate limiting policy to permit an average of one request in 40 ms using NetScaler.Which Limit Identifier will meet this requirement?
Question19: A Citrix Engineer needs to configure the authentication feature on NetScaler Management and Analytics System (NMAS) to enable local authentication to take over if the external authentication fails.What can the engineer configure to meet this requirement?
Question20: Scenario: A Citrix Engineer needs to configure an external SNMP server in a High Availability setup. The engineer configured the load-balancing virtual server to access the NetScaler Management and Analytics System (NMAS) HA pair.Which IP address will be configured on the external SNMP Manager to add the NMAS devices?
Question21: What can a Citrix Engineer use in NetScaler Management and Analytics System (NMAS) to troubleshoot an issue in which users report long response times when accessing a virtual desktop?
Question22: Scenario: A Citrix Engineer has configured Application Firewall and enabled it in learning mode. However, the Application Firewall database is reaching full capacity due to excessive requests. What can the engineer configure to mitigate this issue?
Question23: A Citrix Engineer observes the following event in the ns.log:Aug 3 11:55:58 <local0.info> 10.248.64.10 08/03/2015:15:55:58 GMT ATL0NS01 0-PPE-1: default APPFW APPFW_STARTURL 406856 0: 10.248.13.13 11152-PPE1 LG+hd4LkcYiOyQVWvOTsCtSyiv00001 SPI Disallow illegal URL: https://training.citrix.com/login <blocked> Which Application Firewall profile has blocked the URL?
Question24: A Citrix Engineer has deployed Front-end Optimization on NetScaler. The following are the snippets of the content before and after optimization.Before Optimization:After Optimization:Which optimization technique has been applied to the content?
Question25: A website hosts highly dynamic content that is frequently requested in bursts of high user access. Which configuration will reduce traffic to the origin server while optimizing client performance?
Question26: Scenario: A Citrix Engineer needs to set up a NetScaler Web Logging (NSWL) client system for logging.The engineer attempted to start the NSWL service on the client system and found that the service is NOT starting.What could be causing this issue?
Question27: A Citrix Engineer needs to configure an Application Firewall policy. According to company policies, the engineer needs to ensure that all the requests made to the website are originating from North America.Which policy expressions will help the engineer accomplish the requirement?
Question28: A Citrix Engineer has received the following message after setting up Application Firewall in Learning mode.August 28 6 03:14:27 <local0.info>XXX.0.0.2.08/28/2017:03:14:27 GMT VPXExtProd01 0-PPE-0:default GUI CMD_EXECUTED 1670370 0: User CitrixAdmin- Remote_ip XXX.19.XXX.XXX-Command"show appfwlearningdata WebPub_vs_af_1 startURL"- Status "ERROR: Communication error with aslearn" What can the engineer perform to resolve the issue?
Question29: Which reason can cause fail over in a NetScaler Management and Analytics System (NMAS) High Availability pair?
Question30: A Citrix Engineer needs to implement Application Firewall to prevent the following tampering and vulnerabilities:- If web server does NOT send a field to the user, the check should NOT allow the user to add that field and return data in the field.- If a field is a read-only or hidden field, the check verifies that data has NOT changed.- If a field is a list box or radio button field, the check verifies that data in the response corresponds to one of the values in that field.Which security check can the engineer enable to meet this requirement?
Question31: A Citrix Engineer has configured NetScaler Web Logging on a Linux client machine. The engineer needs to verify if the log.conf file has been configured correctly and that there are NO syntax errors. Which command can the engineer use to accomplish this?
Question32: Scenario: A Citrix Engineer has deployed four NetScaler MPXs with the following network configuration:- Management traffic is on VLAN 5 (NSIP).- Application and server traffic is on VLAN 10 (SNIP).The engineer added the NetScaler Management and Analytics System (NMAS) interface to VLAN 10 to deploy a NMAS High Availability (HA) pair to manage and monitor the applications and virtual servers.After doing so, the engineer is NOT able to see the NetScaler or applications that need to be managed.How can the engineer resolve the issue?
Question33: Scenario: A Citrix Engineer uses one StyleBook on a NetScaler Management and Analytics System (NMAS) to create multiple load-balanced virtual server configurations for NetScaler instances. The configuration is saved in a config pack.In which two locations is the StyleBookconfig pack saved? (Choose two.)
Question34: Scenario: A Citrix Engineer is trying to optimize a website that is load balanced on a NetScaler and is accessed by mobile users. The web application is complex and made up of hundreds of embedded images, scripts, and other objects per page. This limitation is creating a significant bottleneck, resulting in excessive load times.Which NetScaler feature can the engineer use to optimize the web application?
Question35: Which NetScaler Management Analytics System (NMAS) feature can the Citrix Engineer use to convert configuration tasks performed using the GUI to CLI commands?
Question36: Scenario: A Citrix Engineer has created a default admin user with username Admin1 and password `nsroot' for the tenant example-online. However, the tenant administrator is unable to log in as username Admin1 and password `nsroot'.Which action resolves this problem?
Question37: Scenario: A Citrix Engineer is assigned applications using Role-based Access Control (RBAC) in NetScaler Management and Analytics Systems (NMAS). In the NMAS, the engineer can see all virtual servers under Web Insight > Applications, but is unable to access them.What could be the cause of this behavior?
Question38: Scenario: A Citrix Engineer configured an HTTP Denial-of-Service (DoS) protection policy by setting the Surge Queue depth to 300. The surge queue reaches a size of 308, triggering the NetScaler "attack" mode. The HTTP DoS window mechanism is left at the default size which, when reached, will trigger "no- attack" mode.Which queue depth value must the Surge Queue be to trigger the "no-attack" mode?
Question39: A Citrix Engineer needs generate and present a NetScaler PCI-DSS report to management. The report should include a PCI-DSS summary of the required security measures for PCI-DSS compliance.Where can the engineer generate the report from?