EMT Practice Test

1. Question Content...


Question List

Question1: What should a Citrix Engineer do when using the Learn feature for Start URL relaxation?

Question2: Scenario: A Citrix Engineer wants to protect a web application using Citrix Web App Firewall.
After the Web App Firewall policy afweb_protect is bound to the virtual server, the engineer notices that Citrix Web App Firewall is NOT properly displaying the page.
A positive number for the Policy Hits counter for afweb_protect, tells the engineer the number of times Citrix Web App Firewall ___________. (Choose the correct option to complete the sentence.)

Question3: A Citrix Engineer needs to configure an application firewall profile to ensure that the images uploaded on the website are NOT malicious. The engineer needs to create a policy to filter the upload requests and ensure that they are in JPEG format. Which expression can the engineer use to fulfill this requirement?

Question4: A Citrix Engineer executed the below commands on the NetScaler command-line interface (CLI):
add stream selector cacheStreamSelector http.req.url
add ns limitidentifiercacheRateLimitIdentifier threshold 5 timeSlice 2000 - selectorNamecacheStreamSelector add cache policy cacheRateLimitPolicy rule "http.req.method.eq(get) &&sys.check_limit (\
"cacheRateLimitIdentifier\")" action cache
bind cache global cacheRateLimitPolicy- priority 10
What will be the effect of executing these commands?

Question5: Scenario: A Citrix Engineer is reviewing the log files for a protected application. The engineer discovers a lot of errors pertaining to invalid data being supplied by users.
Which protection can the engineer implement at the Citrix Web App Firewall to reduce these errors?

Question6: Which Citrix Application Delivery Management (ADM) Analytics page allows a Citrix Engineer to monitor Citrix Virtual Apps and Desktops traffic?

Question7: Which feature of Learning should a Citrix Engineer configure to direct Citrix Web App Firewall to learn from specific sessions?

Question8: A Citrix Engineer has determined that users are able to access random URLs on a web site through bookmarks and by manually typing in the URLs to skip the pages required to reach that part of the website. Which two checks can the engineer enable to prevent this attack? (Choose two.)

Question9: Scenario: A Citrix Engineer needs to set up a NetScaler Web Logging (NSWL) client system for logging. The engineer attempted to start the NSWL service on the client system and found that the service is NOT starting.
What could be causing this issue?

Question10: Scenario: A Citrix Engineer implements Application-level Quality of Experience (AppQoE) to protect a web application. The engineer configures the AppQoE action to deliver a custom response from a backup server once the maximum number of concurrent connection is reached.
To achieve this, the engineer should set the Acton Type to ________ and specify the ________.
(Choose the correct option to complete the sentence.)

Question11: Which media-character can be used as an escape character and also can qualify a Meta-Character as literal when used before any character?

Question12: A Citrix Engineer needs to optimize the Cascading Style Sheets (CSS) content sent from the backend server before being forwarded to the client.
Which option can the engineer use to accomplish CSS optimization?

Question13: Scenario: A Citrix Engineer creates a Responder policy to redirect users attempting to access an application protected with Citrix Web App Firewall. Instead of being redirected, users are seeing an 'Access Denied' page.
This is happening because Citrix Web App Firewall is processed ___________. (Choose the correct option to complete the sentence.)

Question14: Scenario: A Citrix Engineer has configured Application Firewall and enabled it in learning mode.
However, the Application Firewall database is reaching full capacity due to excessive requests.
What can the engineer configure to mitigate this issue?

Question15: A Citrix Engineer enabled Cookie Consistency protection on a web application and wants to verify that it is working.
Which cookie name can the engineer look for in the HTTP headers sent from the client to verify the protection?

Question16: Which two actions can a Citrix Engineer use to provide Denial of Service (DoS) protection with the AppQoE feature? (Choose two.)

Question17: In which order is a client request to a protected web application processed?

Question18: A Citrix Engineer needs to ensure that clients always receive a fresh answer from the integrated cache for positive responses (response of 200).
Which two settings can the engineer configure to make sure that clients receive a fresh response when it is needed? (Choose two.)

Question19: Scenario: A Citrix Engineer reviewed the log files of a web application and found the error message below: "Unable to complete request Unrecognized field cext2_price>" Which protection can the engineer implement to prevent this error from happening?

Question20: Which Front End Optimization technique reduces the number of files to be requested for download?

Question21: What can a Citrix Engineer do to decrease browser load times by increasing the number of parallel connections to the resource?

Question22: A Citrix Engineer reviews the App Dashboard and notices that three of the monitored applications have an App Score of less than 50.
The engineer can interpret the App Score as a metric of application ___________. (Choose the correct option to complete the sentence.)

Question23: Scenario: A Citrix Engineer has configured Citrix Application Delivery Management (ADM) to monitor applications presented by Citrix ADC appliances. When reviewing the App Security Dashboard, the engineer finds no data.
What must the engineer do to ensure data is being collected from the applications?

Question24: Scenario: A Citrix Engineer configures Citrix Web App Firewall to protect an application. Upon reviewing the log files, the engineer notices a pattern of forceful browsing toward the configuration page for the application. To protect against this, the engineer enforces Start URL and enables Enforce URL Closure.
What is the effect of enforcing Start URL and enabling Enforce URL Closure on the application?

Question25: A Citrix Engineer has enabled transform action in SQL injection check.
What would the following parameter be transformed into?

Question26: Scenario: A Citrix Engineer is assigned applications using Role-based Access Control (RBAC) in NetScaler Management and Analytics Systems (NMAS). In the NMAS, the engineer can see all virtual servers under Web Insight > Applications, but is unable to access them.
What could be the cause of this behavior?

Question27: Scenario: A Citrix Engineer uses one StyleBook on a NetScaler Management and Analytics System (NMAS) to create multiple load-balanced virtual server configurations for NetScaler instances. The configuration is saved in a config pack.
In which two locations is the StyleBookconfig pack saved? (Choose two.)

Question28: What can a Citrix Engineer do to decrease browser load times by increasing the number of parallel connections to the resource?

Question29: Scenario: A Citrix Engineer has enabled the IP Reputation feature. The engineer wants to protect a critical web application from a distributed denial of service attack.
Which advanced expression can the engineer write for a Responder policy?

Question30: Which Citrix Application Delivery Management (ADM) Analytics page allows a Citrix Engineer to monitor web application traffic?

Question31: Which mechanism does the NetScaler use to enable a safe and speedy data exchange between a client/ server initial TCP handshake?

Question32: Scenario: A Citrix Engineer wants to use Citrix Application Delivery Management (ADM) to monitor a single Citrix ADC VPX with eight web applications and one Citrix Gateway. It is important that the collected data be protected.
Which deployment will satisfy the requirements?

Question33: What can a Citrix Engineer do to aggregate Citrix Web App Firewall log messages to a central location?

Question34: A Citrix Engineer observes the following event in the ns.log:
Aug 3 11:55:58 <local0.info> 10.248.64.10 08/03/2015:15:55:58 GMT ATL0NS01 0-PPE-1:
default APPFW APPFW_STARTURL 406856 0: 10.248.13.13 11152-PPE1 LG
+hd4LkcYiOyQVWvOTsCtSyiv00001 SPI Disallow illegal URL: https://training.citrix.com/login
<blocked>
Which Application Firewall profile has blocked the URL?

Question35: Which two response headers are added by Application Firewall? (Choose two.)

Question36: Which Citrix Application Delivery Management (ADM) feature can a Citrix Engineer use to narrow a list of Citrix ADC devices based on pre-defined criteria?

Question37: Scenario: A Citrix Engineer receives the following error when accessing content from a virtual server:
"Page cannot be displayed."
However, the content is accessible when connecting directly to the web server. The engineer captured the traffic using nstrace and found that the amount of data sent from the web server exceeds the content length defined in the HTTP header. Which action can the engineer take to resolve the issue?

Question38: Scenario: A Citrix Engineer is asked to help improve the performance of a web application. After capturing and analyzing a typical session, the engineer notices a large number of user requests for the stock price of the company.
Which action can the engineer take to improve web application performance for the stock quote?

Question39: Which security option falls under the Negative Security Model for Citrix Application Firewall?

Question40: How can a Citrix Engineer configure a specific LDAP attribute in the nFactor implementation?

Question41: Which Application-level Quality of Experience (AppQoE) Action setting modifies the communication characteristics of the connections established with the associated web application?

Question42: Which three options can be used to specify the destination of an HTTP Callout? (Choose three.)

Question43: Scenario: A Citrix Engineer is asked to implement multi-factor authentication for Citrix Gateway.
The engineer creates the authentication policies and binds the policies to the appropriate bind points. The engineer creates a custom form using Notepad++ to format the page which will capture the user's credentials.
What is the first step the engineer must perform to assign this form to the authentication process?

Question44: Scenario: A Citrix Engineer has configured Security Insight on NetScaler Management and Analytics System (NMAS) with Firmware version 12.0.41.16 to monitor the Application Firewall.
The NetScaler ADC is running version 12.0.51.24 using Enterprise License with Application Firewall only License. However, after enabling Security insight, the engineer is NOT able to see any data under security insight.
What is causing this issue?

Question45: The NetScaler Management and Analytics System (NMAS) needs to communicate with NetScaler instances on the Microsoft Azure and Amazon Web Services (AWS) clouds. Which configuration must a Citrix Engineer make to meet this requirement?

Question46: Scenario: A Citrix Engineer is monitoring the environment with Citrix Application Delivery Management (ADM). Management has asked for a report of high-risk traffic to protected internal websites.
Which dashboard can the engineer use to generate the requested report?

Question47: A Citrix Engineer configures the integrated caching feature to cache both static and dynamic content, but the integrated cache feature does NOT work as expected. Which two resources can the engineer use to troubleshoot this integrated cache issue? (Choose two.)

Question48: Which reason can cause fail over in a Citrix ADC Application Delivery Management High Availability pair?

Question49: Scenario: A Citrix Engineer created the policies in the attached exhibit.
Click the Exhibit button to view the list of policies.

HTTP Request:
GET /resetpassword.htm HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:64.0) Gecko/20100101 Firefox/64.0 Host: www.citrix.com Accept-Language: en-us Accept-Encoding: gzip, deflate Connection: Keep-Alive Which profile will be applied to the above HTTP request?

Question50: Which three protocols in a NetScaler Management and Analytics System (NMAS) can be used to back up the current state of the managed NetScaler instances? (Choose three.)

Question51: Scenario: A Citrix Engineer discovers a security vulnerability in one of its websites. The engineer takes a header trace and checks the Application Firewall logs.
The following was found in part of the logs:
method=GET request = http://my.companysite.net/FFC/sc11.html msg=URL length (39) is greater than maximum allowed (20).cn1=707 cn2=402 cs1=owa_profile cs2=PPE0 cs3=kW49GcKbnwKByByi3 +jeNzfgWa80000 cs4=ALERT cs5=2015 Which type of Application Firewall security check can the engineer configure to block this type of attack?

Question52: Which protection is applied on a server response from a protected application?

Question53: A Citrix Engineer needs to configure Relaxation Rules using the learned data for SQL Injection.
Which setting can the engineer enable in order to avoid false-positive learned rules?

Question54: Scenario: A Citrix Engineer configured signature protections for Citrix Web App Firewall.
Signature Auto- Update has been enabled. Upon reviewing the log files, the engineer notices that the auto update process has an error. In the settings for Signature Auto Update the engineer notices that the URL is blank.
Which URL should the engineer enter to restore the update process?

Question55: Which license must be present on the Citrix ADC for the Citrix Application Delivery Management (ADM) Service to generate HDX Insight reports that present one year's worth of data?

Question56: Scenario: A Citrix Engineer has configured Integrated Caching to improve application performance. Within hours, the Citrix ADC appliance has run out of memory.
Which Content Group setting can the engineer configure to show the caching process until a need is demonstrated?

Question57: A Citrix Engineer has configured SQL Injection security check to block all special characters.
Which two requests will be blocked after enabling this check? (Choose two.)

Question58: How can a Citrix Engineer ensure that the Citrix ADC rejects all HTTP/0.9 requests?

Question59: What is required for implementing the Citrix Application Delivery Management (ADM) Service?

Question60: Scenario: A Citrix Engineer has enabled the Learn function for a Citrix Web App Firewall profile.
After a period of time, the engineer notices that Citrix Web App Firewall is no longer learning any new rules.
What would cause Citrix Web App Firewall to stop learning?

Question61: Which action can be used to place the rule on the relaxation list without being deployed and ensuring that the rule is NOT learned again?

Question62: Which aspect of NetScaler Management and Analytics System (NMAS) can be used to monitor end- to-end ICA traffic flowing through a NetScaler ADC?

Question63: Scenario: A Citrix Engineer created the policies in the attached exhibit.
Click the Exhibit button to view the list of policies.

HTTP Request:
GET /resetpassword.htm HTTP/1.1
User-Agent: Mozilla/5.0 (Windows NT 6.1: WOW64; Trident/7.0; AS; rv:11.0) like Gecko Host: www.citrix.com Accept-Language: en-us Accept-Encoding: gzip, deflate Connection: Keep-Alive Which two profiles will be applied to the above HTTP request? (Choose two.)

Question64: Which Markup Language is used along with NITRO API to create a StyleBook?

Question65: What can a Citrix Engineer use in NetScaler Management and Analytics System (NMAS) to troubleshoot an issue in which users report long response times when accessing a virtual desktop?

Question66: Scenario: A Citrix Engineer has enabled learning on Application Firewall for all the Security checks on a basic profile that is configured in a production environment. However, after a few hours, the Application Firewall has stopped learning new data.
What is causing the issue?

Question67: A Citrix Engineer needs to write a regular expression to treat the URL www.citrix.com as a literal string.
Which regular expression can the engineer use?

Question68: A Citrix Engineer needs to prevent an attack against insecure operating-system or web-server software. The attack can cause the system to crash or behave unpredictably when it receives a data string that is larger than it can handle.
Which security check on the Application Firewall can the engineer enable to prevent such attacks?

Question69: Which report can a Citrix Engineer review to ensure that the Citrix ADC meets all PCI-DSS requirements.

Question70: Scenario: A Citrix Engineer is configuring a Buffer Overflow Security Check. When configuring the options, the engineer notices that the Learn Mode is unavailable. Why is the Learn Mode unavailable in this configuration?

Question71: Scenario: A Citrix Engineer must enable a cookie consistency security check and ensure that all the session cookies get encrypted during the transaction. The engineer needs to ensure that none of the persistent coolies are encrypted and decrypted and decrypt any encrypted cookies during the transaction. Which cookie consistency security feature will the engineer configure in the following configuration to achieve the desired results?
add appfw profile Test123 startURLAction none- denyURLAction none- cookieConsistencyAction log - cookieTransforms ON cookieEncryptionecryptSessionOnly addCookieFlagshttpOnly - crossSiteScriptingAction none- SQLInjectionAction log stats SQLInjectionTransfrormSpecialChars ON- SQLInjectionCheckSQLWildChars ON fieldFormatAction none bufferOverflowAction none - responseContentType "application/octet- stream"- XMLSQLInjectionAction none XMLXSSAction none- XMLWSIAction none- XMLValidationAction none

Question72: A Citrix Engineer has configured NetScaler Web Logging on a Linux client machine. The engineer needs to verify if the log.conf file has been configured correctly and that there are NO syntax errors. Which command can the engineer use to accomplish this?

Question73: What can a Citrix Engineer do to decrease browser load times by increasing the number of parallel connections to the resource?

Question74: Which two settings can be used when creating a Cache Content group? (Choose two.)

Question75: Which Citrix Web App Firewall profile setting can a Citrix Engineer configure to provide a response when a violation occurs?

Question76: Scenario: A Citrix Engineer has a project to enable Integrated Caching on a NetScaler for a Financial Consulting company whose clients monitor their stocks in real time. Clients are reporting a delay in the displaying of the stock values.
What can the engineer configure on the NetScaler to enable data to be presented to the clients in real time?

Question77: Scenario: A Citrix Engineer implements Application-level Quality of Experience (AppQoE) to protect a web application. Shortly after that, users call to complain that nearly every request is being met with a Captcha.
What can the engineer do to improve the user experience?

Question78: A manager for a hospital billing system wants to display the last four digits of a credit card number when printing invoices.
Which credit card security action does this?

Question79: Which logging does an engineer need to enable as a pre -requisite to geolocation - based logging?

Question80: Scenario: A Citrix Engineer needs to forward the Citrix Web App Firewall log entries to a central management service. This central management service uses an open log file standard.
Which log file format should the engineer use in the Citrix Web App Firewall engine settings to designate the open log file standard?

Question81: Scenario: A Citrix Engineer is implementing Citrix Web App Firewall to protect a new web application. The engineer has created a profile, configured the relaxation rules, and applied signature protections. Additionally, the engineer has assigned the profile to a policy and bound the policy to the application.
What is the next step for the engineer in protecting the web application?

Question82: Scenario: A Citrix Engineer is monitoring the environment with Citrix Application Management (ADM). Management has asked lota report of high-risk traffic to protected internal websites.
Which dashboard can the engineer use to generate the requested report?

Question83: Which NetScaler owned IP address is used by NetScaler Management and Analytics System (NMAS) to communicate with NetScaler Instances?

Question84: Scenario: A Citrix Engineer manages Citrix Application Delivery Management (ADM) for a large holding company. Each division maintains its own ADC appliances. The engineer wants to make Citrix ADM features and benefits available to each group independently.
What can the engineer create for each division to achieve this?

Question85: A Citrix Engineer needs to create an Citrix Web App Firewall Profile. Which statement is applicable when using Signatures for creating an Citrix Web App Firewall Profile?

Question86: Which is a single-digit rating system that indicates the criticalness of attacks on the application, regardless of whether or NOT the application is protected by a NetScaler appliance?

Question87: How can a Citrix Engineer monitor the Citrix ADC appliances to check that all SSL certificates have a key strength of at least 2048 bits from the SSL Dashboard Settings?

Question88: A Citrix Engineer wants to quietly track attempts that cause a web application to display a list of all user accounts.
Which action should the engineer enable to achieve this?

Question89: Which security model should a Citrix Engineer implement to make sure that no known attack patterns pass through Citrix Web App Firewall?

Question90: A company has experienced an outage of their mission-critical website. Upon investigation, the Citrix Engineer determines that the following command was executed on the website:
DROP TABLE table_name
Which security check would have prevented this issue?

Question91: A Citrix Engineer observes that when the application firewall policy is bound to the virtual server, some of the webpages are NOT loading correctly.
Which log file can the engineer use to view the application firewall-related logs in the native format?

Question92: A Citrix Engineer wants to create a configuration job template to add a DNS nameserver to each Citrix ADC instance. What is a valid variable name for the DNS nameserver?

Question93: A Citrix Engineer wants to delegate management of Citrix Application Delivery Management (ADM) to a junior team member.
Which assigned role will limit the team member to view all application-related data?