Ensurepass

 

 

QUESTION 101

Scenario: A network engineer needs to add an NTP server to a NetScaler appliance. The NTP service is configured on 10.10.1.49.

 

Which command should the network engineer use within the command-line interface to add in an NTP server for time synchronization?

 

A.

add ntp server 10.10.1.49

B.

add server NTP 10.10.1.49

C.

add service NTP 10.10.1.49 TCP 123

D.

add service NTP 10.10.1.49 UDP 123

 

Answer: A

 

 

QUESTION 102

A public SSL certificate on a virtual server is about to expire and the NetScaler engineer needs to renew the certificate before it expires.

 

 

 

Citrix 1Y0-351 : Practice Test

Which step must the engineer take to renew the SSL Certificate?

 

A.

Generate a new CSR

B.

Recreate the Private Keys

C.

Execute CRL Management

D.

Update the existing certificate

 

Answer: D

 

 

QUESTION 103

An engineer has bound a policy to a test virtual server.

 

How could the engineer verify that the policy is being applied?

 

A.

Monitor the number of hits for the policy.

B.

Monitor the number of hits for the virtual server.

C.

Enable the AppFlow logging option for the virtual server.

D.

Ensure the policy has a greater priority value than other policies bound to the test virtual server.

 

Answer: A

 

 

QUESTION 104

Scenario: A pair of NetScaler devices have recently been installed into the corporate DMZ. The Netscalers have been installed in two-arm mode, with two interfaces in a Internet- facing VLAN and two interfaces in the internal VLAN. A private management subnet also exists.

 

The NetScaler engineer would like to secure and restrict communication between the management subnet and the SNIP address on that subnet.

 

Which two actions could the engineer take to help with these goals? (Choose two.)

 

A.

Apply an ACL on the specified SNIP.

B.

Remove the ACL list to the internal VLAN.

C.

Remove the NSIP address from the Netscaler.

 

 

 

Citrix 1Y0-351 : Practice Test

D.

Configure the SNIP with the -gui SECUREONLY option.

 

Answer: AD

 

 

QUESTION 105

An engineer should use the filter (content filtering) feature to prevent __________ and __________. (Choose the two correct options to complete the sentence.)

 

A.

the use of unauthorized HTTP methods

B.

a client from accessing a specific IP on the back-end

C.

inappropriate HTTP headers from being sent to your Web server

D.

inappropriate MSSQL commands from being sent to your SQL server

E.

a client from a specific VLAN ID to access resources on the NetScaler

 

Answer: AC

 

 

QUESTION 106

Scenario: A NetScaler engineer configured a service and server for RADIUS authentication. To ensure that the RADIUS service is available and responding to authentication requests, the engineer has added the NetScaler built-in monitor to the service. On inspecting the RADIUS service the engineer notices it is marked as DOWN.

 

What could be causing this issue?

 

A.

The built-in monitor has been changed.

B.

RADIUS accounting must be enabled under the server.

C.

There is no built-in monitor available to monitor RADIUS.

D.

The NetScaler-owned IP address has not been added to the RADIUS database.

 

Answer: D

 

 

QUESTION 107

An engineer has two NetScaler devices in two different datacenters and wants to create a high availability (HA) pair with the two devices, even though they are on two different

 

 

 

Citrix 1Y0-351 : Practice Test

subnets.

 

How can the engineer configure the HA Pair between the two NetScaler devices?

 

A.

Configure StaySecondary on the second datacenter appliance.

B.

Ensure that INC mode is enabled during the creation of the HA Pair.

C.

Enable the HAMonitors on all interfaces after the HA Pair has been created.

D.

Change the NSIP of the second appliance to be on the same subnet as the first appliance.

 

Answer: B

 

 

QUESTION 108

Which two parameters in the TCP buffering settings can be controlled by a network engineer? (Choose two.)

 

A.

buffering size

B.

source IP range

C.

destination IP range

D.

memory size for buffering

 

Answer: AD

 

 

QUESTION 109

A network engineer has started at a new company and has been instructed to restrict access to an external facing VIP to selected third party clients, based on their source IP address range.

 

What could the engineer do to accomplish this task?

 

A.

Enable USNIP mode on the Netscaler.

B.

Enable the host route option on the external VIP.

C.

Create an Extended ACL based on the source IP address.

D.

Create a SNIP address in the external VLAN limited to the source IP addresses.

 

Answer: C

Citrix 1Y0-351 : Practice Test

 

 

QUESTION 110

Scenario: The NetScaler is connected to two subnets. The NSIP is 10.2.9.12. The external SNIP is 10.2.7.3. The MIP for internal access is 10.2.9.3. Web servers, authentication servers and time servers are on the 10.2.10.0/24 network which is available through the 10.2.9.1 router. The external firewall has the 10.2.7.1 address. Traffic bound for Internet clients should flow through the external firewall.

 

Which command should be used to set the default route?

 

A.

add route 0.0.0.0 0.0.0.0 10.2.7.1

B.

add route 0.0.0.0 0.0.0.0 10.2.9.1

C.

add route 10.0.0.0 255.0.0.0 10.2.9.1

D.

add route 10.0.0.0 255.0.0.0 10.2.7.1

 

Answer: A

 

Free VCE & PDF File for Citrix 1Y0-351 Real Exam

Instant Access to Free VCE Files: CompTIA | VMware | SAP …
Instant Access to Free PDF Files: CompTIA | VMware | SAP …

Comments are closed.