EMT Practice Test

1. Question Content...


Question List

Question1: Scenario: A Citrix Engineer configures Citrix Web App Firewall to protect an application. Users report that they are NOT able to log on. The engineer enables a Start URL relaxation for the path
//login.aspx.
What is the effect of the Start URL relaxation on the application?

Question2: Scenario: A Citrix Engineer reviewed the log files of a web application and found the error message below: "Unable to complete request Unrecognized field cext2_price>" Which protection can the engineer implement to prevent this error from happening?

Question3: Scenario: A Citrix Engineer needs to configure Application Firewall to handle SQL injection issues.
However, after enabling SQL injection check, the backend server started dropping user requests.
The Application Firewall configuration is as follows:
add appfw profile Test123 startURLAction none- denyURLAction none-crossSiteScriptingAction none - SQLInjectionAction log stats- SQLInjectionTransformSpecialChars ON SQLInjectionCheckSQLWildChars ON- fieldFormatAction none- bufferOverflowAction none- responseContentType "application/octet-stream" XMLSQLInjectionAction none- XMLXSSAction none-XMLWSIAction none- XMLValidationAction none What does the engineer need to change in the Application Firewall configuration?

Question4: A manager for a hospital billing system wants to display the last four digits of a credit card number when printing invoices.
Which credit card security action does this?

Question5: A Citrix Engineer needs to configure an application firewall profile to ensure that the images uploaded on the website are NOT malicious. The engineer needs to create a policy to filter the upload requests and ensure that they are in JPEG format. Which expression can the engineer use to fulfill this requirement?

Question6: A manager for a hospital billing system wants to display the last four digits of a credit card number when printing invoices.
Which credit card security action does this?

Question7: What can a Citrix Engineer use in NetScaler Management and Analytics System (NMAS) to troubleshoot an issue in which users report long response times when accessing a virtual desktop?

Question8: Which variable will display the client's source IP address when added to an HTML Error Object page?

Question9: A Citrix Engineer has found issues in the websites after enabling Application Firewall. Which logs on the NetScaler can the engineer check to verify that the issues are NOT caused by Application Firewall?

Question10: In PCRE, the only characters assumed to be literals are ___________ (Choose the correct option to complete the sentence.)

Question11: Scenario: A Citrix Engineer is notified that improper requests are reacting the web application.
While investigating, the engineer notices that the Citrix Web App Firewall policy has zero hits.
What are two possible causes for this within the Citrix Web App Firewall policy? (Choose two.)

Question12: A Citrix Engineer has deployed Front-end Optimization on NetScaler. The following are the snippets of the content before and after optimization.
Before Optimization:

After Optimization:

Which optimization technique has been applied to the content?

Question13: What is required for connecting a data center to the Citrix Application Delivery Management (ADM) Service?

Question14: Scenario: A Citrix Engineer is asked to implement multi-factor authentication for Citrix Gateway. The engineer creates the authentication policies and binds the policies to the appropriate bind points. The engineer creates a custom form using Notepad++ to format the page which will capture the user's credentials.
What is the first step the engineer must perform to assign this form to the authentication process?

Question15: A review of purchases made at an online retailer shows that several orders were processed for items at an unpublished price.
Which protection can a Citrix Engineer implement to prevent a site visitor from modifying the unit price of a product on the shopping cart page?

Question16: How can a Citrix Engineer monitor the Citrix ADC appliances to check that all SSL certificates have a key strength of at least 2048 bits from the SSL Dashboard Settings?

Question17: Which Markup Language is used along with NITRO API to create a StyleBook?

Question18: Scenario: A Citrix Engineer needs to ensure that the flow of traffic to a web application does NOT overwhelm the server. After thorough testing, the engineer determines that the application can handle a maximum of 3,000 requests per minute. The engineer builds a limit identifier, rl_maxrequests, to enforce this limitation.
Which advanced expression can the engineer write in the Responder policy to invoke rate limiting?

Question19: A Citrix Engineer wants to delegate management of Citrix Application Delivery Management (ADM) to a junior team member.
Which assigned role will limit the team member to view all application-related data?

Question20: Scenario: A Citrix Engineer has configured LDAP group extraction on the NetScaler Management and Analytics System (NMAS) for the administration. The engineer observes that extraction is NOT working for one of the five configured groups.
What could be the cause of the issue?

Question21: A Citrix Engineer needs to protect a website that contains sensitive data such as employee ID numbers and customer ID numbers.
Which security check can the engineer implement to protect the sensitive data?

Question22: A Citrix Engineer needs to create a configuration job to clone a configuration from an existing Citrix ADC to a new Citrix ADC.
Which configuration source can the engineer use to accomplish this?

Question23: Scenario: A Citrix Engineer creates a Responder policy to redirect users attempting to access an application protected with Citrix Web App Firewall. Instead of being redirected, users are seeing an `Access Denied' page.
This is happening because Citrix Web App Firewall is processed ___________. (Choose the correct option to complete the sentence.)

Question24: Statistics for which three types of violations are presented on the App Security Dashboard?
(Choose three.)

Question25: Scenario: A Citrix Engineer implements Application-level Quality of Experience (AppQoE) to protect a web application. The engineer configures the AppQoE action to deliver a custom response from a backup server once the maximum number of concurrent connection is reached.
To achieve this, the engineer should set the Acton Type to ________ and specify the ________.
(Choose the correct option to complete the sentence.)

Question26: Scenaho: A Citrix Engineer needs to block requests from a list of IP addresses in a database maintained by the Security team. The Security team has built a web application that will send a response of either "Blocked" or "Allowed," based on whether the given IP address is on the list. Which expression should the engineer use to extract the status for policy processing?

Question27: Scenario: A hacker accessed the HTML code from a product page and manipulated the HTML code as shown:
Original Value: <input type=hidden name=price value=2379.73> Manipulated Value: <input type=hidden name=price value=9.24> Which security check can the engineer configure to counter the manipulation?

Question28: A Citrix Engineer has defined an HTTP Callout, hc_authorized_location, to return the value "Authorized" if client's IP address is on a list of authorized external locations.
Which advanced expression should the engineer use in a policy for testing this condition?

Question29: Which Front End Optimization technique overcomes the parallel download limitation of web browsers?

Question30: A Citrix Engineer observes that the servers hosting a critical application are crashing on a regular basis. Which protection could the engineer implement on a Citrix Web App Firewall in front of the application?

Question31: A Web Application Engineer is reviewing log files and finds that a large number of bad HTTP requests are being sent to the web application servers.
What can the Citrix ADC Engineer to do prevent bad HTTP requests from getting to the web application?

Question32: Scenario: A Citrix Engineer wants to protect a web application using Citrix Web App Firewall. The engineer enables the Learn action for the Start URL, HTML, Cross-Site Scripting, and HTML SQL Injection protections. The engineer assigns this profile to a policy, which is then bound to the virtual server.
Which two items can the engineer check to determine that the Learn action is NOT capturing any rules? (Choose two.)

Question33: A Citrix Engineer is considered that malicious users could exploit a web system by sending a large cookie. Which security check can the engineer implement to address this concern?

Question34: Scenario: A Citrix Engineer has enabled Security insight and Web insight on NetScaler Management and Analytics System (NMAS). The engineer is NOT able to see data under the Analytics on NMAS, in spite of seeing hits on the APPFLOW policy.
Which log should the engineer check on NMAS to ensure that the information is sent from NetScaler?

Question35: Which NetScaler Management Analytics System (NMAS) feature can the Citrix Engineer use to convert configuration tasks performed using the GUI to CLI commands?

Question36: Scenario: A Citrix Engineer has configured NetScaler Management and Analytics System (NMAS) with the default settings. In this configuration, the total number of virtual servers is lower than the number of installed virtual server licenses.
Which type of virtual server will NOT be automatically licensed by the NMAS on discovered instances?

Question37: Which is a single-digit rating system that indicates the criticalness of attacks on the application, regardless of whether or NOT the application is protected by a NetScaler appliance?

Question38: Scenario: A Citrix Engineer is reviewing the Citrix Web App Firewall log files using the GUI. Upon further analysis, the engineer notices that legitimate application traffic is being blocked.
What can the engineer do to allow the traffic to pass through while maintaining security?

Question39: Which action ensures that content is retrieved from the server of origin?

Question40: Scenario: A Citrix Engineer implements Application-level Quality of Experience (AppQoE) to protect a web application. The engineer configures the AppQoE action to deliver a custom response from a backup server once the maximum number of concurrent connection is reached.
To achieve this, the engineer should set the Acton Type to________and specify the_______. (Choose the correct option to complete the sentence.)

Question41: Which build-in TCP profile can a Citrix Engineer assign to a virtual server to improve performance for users who access an application from a remote office over an ATM connection?

Question42: A Citrix Engineer wants to quietly track attempts that cause a web application to display a list of all user accounts.
Which action should the engineer enable to achieve this?

Question43: Which Citrix Application Delivery Management (ADM) Analytics page allows an engineer to monitor the metrics of end-point analysis and authentication failures?

Question44: A Citrix Engineer has correctly installed and configured the NetScaler Web Logging (NSWL) client but has noticed that logs are NOT being updated.
What could be causing this issue?

Question45: Which protection can a Citrix Engineer implement to prevent a hacker from extracting a customer list from the company website?

Question46: What can a Citrix Engineer do to aggregate Citrix Web App Firewall log messages to a central location?

Question47: Which Front End Optimization technique overcomes the parallel download limitation of web browsers?

Question48: Scenario: A Citrix Engineer configures Citrix Web App Firewall to protect an application. Upon reviewing the log files, the engineer notices a pattern of forceful browsing toward the configuration page for the application. To protect against this, the engineer enforces Start URL and enables Enforce URL Closure.
What is the effect of enforcing Start URL and enabling Enforce URL Closure on the application?

Question49: A Citrix Engineer needs to write a regular expression to treat the URL www.citrix.com as a literal string.
Which regular expression can the engineer use?

Question50: Scenario: A Citrix Engineer is reviewing the log files for a protected application. The engineer discovers a lot of errors pertaining to invalid data being supplied by users.
Which protection can the engineer implement at the Citrix Web App Firewall to reduce these errors?

Question51: A Citrix Engineer needs to configure an Application Firewall policy. According to company policies, the engineer needs to ensure that all the requests made to the website are originating from North America. Which policy expressions will help the engineer accomplish the requirement?

Question52: When the NetScaler marks a client connection as "non-trackable", the default behavior of the NetScaler without making any change to the HTTP Profile is to ______. (Choose the correct option to complete the sentence.)

Question53: Which action can be used to place the rule on the relaxation list without being deployed and ensuring that the rule is NOT learned again?

Question54: Which logging does an engineer need to enable as a pre -requisite to geolocation - based logging?

Question55: Scenario: A Citrix Engineer wants to protect a web application using Citrix Web App Firewall. After the Web App Firewall policy afweb_protect is bound to the virtual server, the engineer notices that pages are displaying in plain text with graphics included.
What is the likely cause of this?

Question56: Scenario: A Citrix Engineer needs to limit Front End Optimization (FEO) on a web application to mobile users with mobile devices. The engineer decides to create and bind an FEO policy.
Which advanced expression should the engineer use in the FEO policy?

Question57: Which report can a Citrix Engineer review to ensure that the Citrix ADC meets all PCI-DSS requirements.

Question58: Scenario: A Citrix Engineer manages Citrix Application Delivery Management (ADM) for a large holding company. Each division maintains its own ADC appliances. The engineer wants to make Citrix ADM features and benefits available to each group independently.
What can the engineer create for each division to achieve this?

Question59: Which protection is applied on a server response from a protected application?

Question60: A Citrix Engineer observes that when the application firewall policy is bound to the virtual server, some of the webpages are NOT loading correctly.
Which log file can the engineer use to view the application firewall-related logs in the native format?

Question61: What can a Citrix Engineer do to decrease browser load times by increasing the number of parallel connections to the resource?

Question62: Scenario: A Citrix Engineer has configured an IP Reputation policy and Profile in Application Firewall. However, the engineer is NOT able to see any hits on the policy during testing. Which logs can the engineer check to ensure that IP Reputation is configured correctly?

Question63: Which data populates the Events Dashboard?

Question64: Which Citrix Application Delivery Management (ADM) Analytics page allows a Citrix Engineer to monitor web application traffic?

Question65: A Citrix Engineer is reviewing the log files for a sensitive web application and notices that someone accessed the application using the engineer's credentials while the engineer was out of the office for an extended period of time.
Which production can the engineer implement to protect against this vulnerability?

Question66: Scenario: A Citrix Engineer notices that a web page takes a long time to display. Upon further investigation, the engineer determines that the requested page consists of a table of high- resolution pictures which are being displayed in table cells measuring 320 by 180 pixels.
Which Front End Optimization technique can the engineer enable on the Citrix ADC to improve time to display?

Question67: Scenario: A Citrix Engineer wants to use Citrix Application Delivery Management (ADM) to monitor a single Citrix ADC VPX with eight web applications and one Citrix Gateway. It is important that the collected data be protected.
Which deployment will satisfy the requirements?

Question68: Scenario: A Citrix Engineer is configuring a Buffer Overflow Security Check. When configuring the options, the engineer notices that the Learn Mode is unavailable. Why is the Learn Mode unavailable in this configuration?

Question69: Scenario: A Citrix Engineer is implementing Integrated Caching to increase performance of a web application. The Application Engineer replaces a small logo on the main page with a new one. Later on, when the engineer attempts to access the page, the old logo is displayed. Which enabled setting in the Content Group would cause this to happen?

Question70: Scenario: A Web Application Developer asked a Citrix Engineer to implement Citrix Web App Firewall protections. To provide consistency in branding, the developer asked that the web server provide a custom message when a violation occurs. Which profile setting does the engineer need to configure to provide the custom message?

Question71: Scenario: A Citrix Engineer configured signature protections for Citrix Web App Firewall. Signature Auto- Update has been enabled. Upon reviewing the log files, the engineer notices that the auto update process has an error. In the settings for Signature Auto Update the engineer notices that the URL is blank.
Which URL should the engineer enter to restore the update process?

Question72: Scenario: A Citrix Engineer receives the following error when accessing content from a virtual server:
"Page cannot be displayed."
However, the content is accessible when connecting directly to the web server. The engineer captured the traffic using nstrace and found that the amount of data sent from the web server exceeds the content length defined in the HTTP header. Which action can the engineer take to resolve the issue?

Question73: Which build-in TCP profile can a Citrix Engineer assign to a virtual server to improve performance for users who access an application from a remote office over an ATM connection?

Question74: Which method is used by NetScaler Management and Analytics System (NMAS) to gather licensing information from NetScaler?

Question75: A Citrix Engineer needs to configure an AppQoE action to deliver content from an alternate service. Which three parameters should the engineer configure to meet this requirement? (Choose three.)

Question76: Scenario: A Citrix Engineer wants to configure the Citrix ADC for OAuth authentication. The engineer uploads the required certificates, configure the actions, and creates all the necessary policies. After binding the authentication policy to the application, the engineer is unable to authenticate.
What is the most likely cause of this failure?

Question77: What is required for connecting a data center to the Citrix Application Delivery Management (ADM) Service?

Question78: Scenario: A Citrix Engineer is notified that improper requests are reacting the web application. While investigating, the engineer notices that the Citrix Web App Firewall policy has zero hits.
What are two possible causes for this within the Citrix Web App Firewall policy? (Choose two.)

Question79: Scenario: A Citrix Engineer configured signature protections for Citrix Web App Firewall.
Signature Auto- Update has been enabled. Upon reviewing the log files, the engineer notices that the auto update process has an error. In the settings for Signature Auto Update the engineer notices that the URL is blank.
Which URL should the engineer enter to restore the update process?

Question80: What should a Citrix Engineer do when using the Learn feature for Start URL relaxation?

Question81: Scenario: A Citrix Engineer is asked to implement multi-factor authentication for Citrix Gateway. The engineer creates the authentication policies and binds the policies to the appropriate bind points. The engineer creates a custom form using Notepad++ to format the page which will capture the user's credentials.
To which folder on the Citrix ADC will the engineer need to upload this form?

Question82: Which NetScaler Management and Analytics System (NMAS) feature will assist the Citrix Engineer in gathering the required data for issues with Endpoint Analysis?

Question83: Scenario: A Citrix Engineer used Learning to establish the HTML SQL Injection relaxations for a critical web application. The engineer now wishes to begin working on the protections for a different web application. The name of the Web App Profile is appfw_prof_customercare.
Which CLI command can the engineer use to empty the Learn database?

Question84: What criteria must be met in order to create a certificate bundle by linking multiple certificates in NetScaler Management and Analytics System (NMAS)?

Question85: Which protection ensures that links to sensitive pages can only be reached from within an application?

Question86: Which setting in the Cookie Consistency protection feature does a Citrix Engineer need to configure to ensure that all a cookie is sent using TLS only?

Question87: A Citrix Engineer has determined that users are able to access random URLs on a web site through bookmarks and by manually typing in the URLs to skip the pages required to reach that part of the website.
Which two checks can the engineer enable to prevent this attack? (Choose two.)

Question88: Which Front End Optimization technique causes the Citrix ADC to resize images before sending them to the client?

Question89: Which three items does Citrix Application Delivery Management (ADM) require when adding an instances?
(Choose three.)

Question90: Scenario: A Citrix Engineer configured an HTTP Denial-of-Service (DoS) protection policy by setting the Surge Queue depth to 300. The surge queue reaches a size of 308, triggering the NetScaler "attack" mode. The HTTP DoS window mechanism is left at the default size which, when reached, will trigger "no- attack" mode.
Which queue depth value must the Surge Queue be to trigger the "no-attack" mode?

Question91: Scenario: A Citrix Engineer reviews the log files for a business-critical web application. The engineer notices a series of attempts to directly access a file, /etc/passwd.
Which feature can the engineer implement to protect the application against this attack?

Question92: Which two protections ensure that the correct data is returned by the client? (Choose two.)

Question93: Scenario: A Citrix Engineer has configured Application Firewall and enabled it in learning mode. However, the Application Firewall database is reaching full capacity due to excessive requests. What can the engineer configure to mitigate this issue?

Question94: Which feature of Learning should a Citrix Engineer configure to direct Citrix Web App Firewall to learn from specific sessions?

Question95: Scenario: A Citrix Engineer is notified that improper requests are reacting the web application. While investigating, the engineer notices that the Citrix Web App Firewall policy has zero hits.
What are two possible causes for this within the Citrix Web App Firewall policy? (Choose two.)

Question96: Which action ensures that content is retrieved from the server of origin?

Question97: A Citrix Engineer observes that after enabling the security checks in Learning mode only in an Application Firewall profile, the NetScaler is blocking the non-RFC compliant HTTP packets. What can the engineer modify in the configuration to resolve this issue?

Question98: Which license must be present on the Citrix ADC for the Citrix Application Delivery Management (ADM) Service to generate HDX Insight reports that present one year's worth of data?

Question99: A Citrix Engineer wants to delegate management of Citrix Application Delivery Management (ADM) to a junior team member.
Which assigned role will limit the team member to view all application-related data?

Question100: Scenario: A Citrix Engineer has configured an IP Reputation policy and Profile in Application Firewall.
However, the engineer is NOT able to see any hits on the policy during testing. Which logs can the engineer check to ensure that IP Reputation is configured correctly?

Question101: In which order is a client request to a protected web application processed?

Question102: Which two security checks invoke sessionization? (Choose two.)