1Y0-240 Exam Training Practice Tests (Citrix ADC 12 Essentials and Traffic Management)]

Question 1

Scenario: A network engineer has configured a load balancing virtual server for an HTTP application. Due to the application architecture, it is imperative that a user's session remains on a single server during the session. The session has an idle timeout of 60 minutes. Some devices are getting inconsistent application access while most are working fine. The problematic devices all have tighter security controls in place. Which step should the engineer take to resolve this issue?

A. Set the cookie timeout to 60 minutes. B. Change the HTTP parameters to Cookie Version 1. C. Configure a backup persistence of SourceIP. D. Utilize SSL offload to enable the application to use SSL.

Correct Answer: C

Question 2

Scenario: A Citrix Administrator suspects an attack on a load balancing virtual server.
The administrator needs to restrict the access to the load balancing virtual server (192.168.100.25) for 10 minutes.
Which Access Control List (ACL) will help to accomplish this requirement?

A. add ns acl rule1 DENY *destlP 192.168.100.25 *TTL 600000 B. add simpleacl rule1 DENY *srclP 192.168.100.25 *TTL 600 C. add ns acl rule1 DENY *destlP 192.168.100.25 *TTL 600 D. add simpleacl rule1 DENY *srclP 192.168.100.25 *TTL 600000

Correct Answer: C

Question 3

Scenario: A network engineer has configured GSLB for a multisite environment. All GSLB services show as UP with an UP MEP status. The engineer has observed that DNS queries are directed to the SNIP of the Citrix ADC; however, no DNS response is being received. How can the engineer resolve this issue?

A. Create a load balancing virtual server for DNS. B. Change the DNS delegation to the NSIP. C. Add an ADNS service on the SNIP. D. Select the "Send all "active" service IPs' in response (MIR)" option.

Correct Answer: C

Question 4

Which command should a Citrix Administrator use to configure a Content Switching virtual server for implementing the Secure Web Gateway in the transparent proxy mode?

A. add csv server swgVS PROXY * * -Authn401 on *authnVsName explicit-auth-vs B. add cs vserver swgVS PROXY * 21 *Authn401 on *authnVsName transparent-auth-vs C. add csv server swgVS PROXY 192.168.10.1 80 *Authn401 on *authnVsName explicit-auth-vs D. add csv server swgVS PROXY 192.168.10.1 *Authn401 on *authnVsName transparent-auth- vs

Correct Answer: A

Explanation: Only visible for TrainingDump members. You can sign-up / login (it's free).

Question 5

Scenario: The Director of network security in a financial organization wants to protect the enterprise network from any external malware threats. To do this, the director needs to gain visibility into otherwise- bypassed traffic and control access to malicious web sites. The director is required to do the following:
Intercept and examine all the traffic, including SSL/TLS (encrypted traffic), coming in, and going out of the enterprise network.
Block access to URLs identified as serving harmful or insecure content. Identify users (employees) in the enterprise who are accessing malicious websites.
Which Citrix ADC deployment mode should a Citrix Administrator use to achieve this requirement?

A. Access Gateway B. Secure Web Gateway C. Citrix ADC Gateway D. Unified Gateway

Correct Answer: B

Question 6

Scenario: A Citrix ADC engineer is adding a new SSL certificate to a Citrix ADC device. During the process the engineer receives an error message:
"Certificate with key size greater than RSA512 or DSA512 bits not supported." The same process has been followed previously on the same model of Citrix ADC successfully.
What is the likely cause of this error?

A. The certificate hostname is invalid. B. The Citrix ADC has not been licensed correctly. C. The CSR has not been submitted to the certificate authority. D. RSA authentication has been added to the VIP.

Correct Answer: B

Question 7

Scenario: A network engineer needs to configure Citrix Citrix ADC to provide Access Gateway services to VLAN 2 using interface 1/1 only, while also using interface 1/2 to provide load balancing services to VLAN 3. How could this result be achieved?

A. Configure policy-based routing using the Interface option as a filter. B. Enable Layer 3 mode
Create a Channel Interface using Interface 1/1 and 1/2 Create 2 VMACs
Bind a VMAC to interface 1/1 and 1/2 C. Disable static route advertisement. D. Disable layer 2 mode
Create 2 untagged VLANs - VLAN 2 and VLAN 3
Bind VLAN 2 to Interface 1/1
Bind VLAN 3 to Interface 1/2

Correct Answer: D

Question 8

Scenario: A network engineer has created an SSL offload virtual server. The virtual server shows as a DOWN state. Which two scenarios could cause the virtual server showing as DOWN?
(Choose two.)

A. A responder policy has been bound. B. The protocol should be SSL_TCP. C. Persistence is set to NONE. D. The service is not bound to the virtual server. E. No SSL certificate is bound to the virtual server.

Correct Answer: D,E

Question 9

Scenario: A network engineer is going to roll out an upgrade from a 9.x version on a standalone Citrix ADC appliance using the command-line interface. Which two items does the engineer need to download before proceeding with the upgrade? (Choose two.)

A. SSL Certificates Files B. Citrix ADC Documentation File C. Citrix ADC Configuration file D. Citrix ADC Firmware File

Correct Answer: B,D

Question 10

An engineer is checking that ports are configured correctly between the Citrix ADC system and a back-end web server. Which command should the engineer use to test that the web server is responding on port 80?

A. telnet webA.example.com port=80 B. telnet webA.example.com 80 C. telnet webA.example.com:80 D. telnet webA.example.com -port 80

Correct Answer: B

Question 11

Scenario: A Citrix Administrator needs to add 10 new web servers to an existing server farm. The new servers are configured to serve the same applications and connections and are twice the capacity of the existing servers. The administrator wants to ensure that they are being fully utilized. Currently in the environment, the default load-balancing method is being used.
To ensure that only the 10 new servers are receiving twice the connections of the old servers without changing the load balancing to the rest of the environment, the administrator needs to add a weight of __________to the services attached to the__________servers. (Choose the correct option to complete the sentence.)

A. 50; old B. 2; old C. 2; new D. 50; new

Correct Answer: C

Question 12

Scenario: A Citrix Administrator is configuring SNMP management on the Citrix ADC to receive alerts when something fails. The administrator was confident that the Manager, Alarms and SNMP Traps were configured correctly. The following week, there was a Citrix ADC-related outage and the administrator did NOT get any alerts.
What could be the reason for the SNMP alert failure?

A. The Citrix ADC is configured for SNMP version 1. B. The Community Name was NOT configured on the Citrix ADC SNMP Trap Destination settings. C. The Citrix ADC Application Firewall is blocking the alerts from going out. D. The Citrix ADC only has Standard licensing.

Correct Answer: B

Question 13

Company policy states that all passwords should travel the network in encrypted packets except SNMP. Which command should the network engineer execute to comply with this policy?

A. set ns ip 10.20.30.40 -gui secureonly -ssh enabled -restrictaccess enabled B. set ns ip 10.20.30.40 -mgmtaccess disabled -restrictaccess enabled C. set ns ip 10.20.30.40 -telnet disabled -gui secureonly -ftp disabled D. set ns ip 10.20.30.40 -ssh disabled -telnet disabled -gui enabled

Correct Answer: C

Citrix ADC 12 Essentials and Traffic Management - 1Y0-240 Exam Practice Test