Weekend Special Sale Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: buysanta

Exact2Pass Menu

Question # 4

Scenario: A Junior Citrix Administrator needs to create a content switching vServer on a Citrix ADC high availability (HA) pair. The NSIP addresses are 192.168.20.10 and 192.168.20.11. The junior administrator connects to NSIP address 192.168.20.10 and saves the changes.

The following day, a Senior Citrix Administrator tests the new content switching vServer, but it is NOT working. The senior administrator connects to the HA pair and discovers that everything the junior administrator configured is NOT visible.

Why has the Citrix ADC lost the newly added configurations?

A.

The junior administrator made the changes and did NOT force a failover to save the configuration.

B.

The junior administrator connected to the NSIP of the secondary Citrix ADC in the HA pair.

C.

Both Citrix ADCs in the HA pair restarted overnight.

D.

The Citrix ADC appliances have different firmware versions.

Full Access
Question # 5

Scenario: A Citrix Administrator made changes to a Citrix ADC, deleting parts of the configuration and saving

some new ones. The changes caused an outage that needs to be resolved as quickly as possible. There is no Citrix ADC backup.

What does the administrator need to do to recover the configuration quickly?

A.

Restart the Citrix ADC.

B.

Restore from the revision history.

C.

Run saved versus running configuration.

D.

Run highly availability (HA) file synchronization.

Full Access
Question # 6

Scenario: A load-balancing vServer is configured to utilize the least bandwidth load-balancing method. A service attached to this vServer is brought into the effective state during production hours.

During the startup of a vServer, which load-balancing method is used by default?

A.

Least connections

B.

Least bandwidth

C.

Custom load

D.

Round-robin

Full Access
Question # 7

Scenario: Client connections to certain vServers are abnormally high. A Citrix Administrator needs to be alerted whenever the connections pass a certain threshold.

How can the administrator use Citrix Application Delivery Management (ADM) to accomplish this?

A.

Configure network reporting on the Citrix ADM by setting the threshold and email address.

B.

Configure SMTP reporting on the Citrix ADM by adding the threshold and email address.

C.

Configure TCP Insight on the Citrix ADM.

D.

Configure specific alerts for vServers using Citrix ADM.

Full Access
Question # 8

Scenario: A Citrix Administrator currently manages a Citrix ADC environment for a growing retail company that may soon double its business volume. A Citrix ADC MPX 5901 is currently handling web and SSL transactions, but is close to full capacity. Due to the forecasted growth, the administrator needs to find a cost-effective solution.

What cost-effective recommendation can the administrator provide to management to handle the growth?

A.

The addition of another MPX 5901 appliance

B.

A hardware upgrade to a Citrix ADC MPX 8905

C.

A license upgrade to a Citrix ADC MPX 5905

D.

A hardware upgrade to a Citrix ADC SDX 15020

Full Access
Question # 9

Which Citrix ADC Access Control List (ACL) command can a Citrix Administrator use to bridge traffic originating from the IP address 192.168.10.200?

A.

add ns simpleacl6

B.

add ns simpleacl

C.

add ns acl

D.

add ns acl6

Full Access
Question # 10

To protect an environment against Hash DoS attacks, which two configurations can a Citrix Administrator use to block all post requests that are larger than 10,000 bytes? (Choose two.)

A.

> add policy expression expr_hashdos_prevention “http.REQ.METHOD.EQ(\”POST\”)&&

http.REQ.CONTENT_LENGTH.GT(10000)”

> add rewrite policy drop_rewrite expr_hashdos_prevention DROP

> bind rewrite global drop_rewrite 100 END –type REQ_OVERRIDE

B.

> add policy expression expr_hashdos_prevention “http.REQ.METHOD.EQ(\”POST\”)&&

http.REQ.CONTENT_LENGTH.GT(10000)”

> add responder policy pol_resp_hashdos_prevention expr_hashdos_prevention DROP NOOP

> bind responder global pol_resp_hashdos_prevention 70 END –type REQ_OVERRIDE

C.

> add policy expression expr_hashdos_prevention “http.REQ.METHOD.EQ(\”POST\”) ||

http.REQ.CONTENT_LENGTH.GT(10000)”

> add responder policy pol_resp_hashdos_prevention expr_hashdos_prevention DROP NOOP

> bind responder global pol_resp_hashdos_prevention 70 END –type REQ_OVERRIDE

D.

> add policy expression expr_hashdos_prevention “http.REQ.METHOD.EQ(\”POST\”) ||

http.REQ.CONTENT_LENGTH.GT(10000)”

> add rewrite policy drop_rewrite expr_hashdos_prevention DROP

> bind rewrite global drop_rewrite 70 END –type REQ_OVERRIDE

E.

> add policy expression expr_hashdos_prevention “http.REQ.METHOD.EQ(\”POST\”) ||

http.REQ.CONTENT_LENGTH.GT(10000)”

> add responder policy pol_resp_hashdos_prevention expr_hashdos_prevention DROP NOOP

> bind responder global pol_resp_hashdos_prevention 100 END –type REQ_OVERRIDE

F.

> add policy expression expr_hashdos_prevention “http.REQ.METHOD.EQ(\”POST\”) ||

http.REQ.CONTENT_LENGTH.GT(10000)”

> add rewrite policy drop_rewrite expr_hashdos_prevention DROP

> bind rewrite global drop_rewrite 100 END –type REQ_OVERRIDE

Full Access
Question # 11

Scenario: In general, it is recommended to do the following:

Use _________ if you want the Citrix ADC to reset or drop a connection based on a client or request-based parameter.

Use _________ to redirect traffic or respond with custom messages.

Use _________ for manipulating data on HTTP requests and responses.

A.

rewrite, rewrite, responder

B.

responder, responder, rewrite

C.

rewrite, responder, rewrite

D.

responder, redirect, rewrite

Full Access
Question # 12

A Citrix Administrator needs to configure a rate-limiting policy setting DNS requests to a threshold of 1,000 per second.

Which command does the administrator need to run to correctly configure this policy?

A.

HTTP.REQ.LIMIT()

B.

SYS.CHECK.LIMIT()

C.

SYS.CHECK.LIMIT() || CONNECTION.IP.LIMIT()

D.

SYS.CHECK.LIMIT() || HTTP.REQ.LIMIT()

Full Access
Question # 13

Scenario: A Citrix Administrator needs to create local, limited-privilege user accounts for other administrators. The other administrators will require only:

Read-only access

The ability to enable and disable services and servers

Which built-in command policy permission level can the administrator use?

A.

Operator

B.

Network

C.

Sysadmin

D.

Read-only

Full Access
Question # 14

set gslb vServer-GSLB-1-MIR ENABLED

What will the Citrix ADC appliance send when the above command is executed?

A.

The Remote GSLB service as the first record in the response and adds the remaining active services as additional records

B.

The Local GSLB service as the first record in the response and adds the remaining active services as additional records

C.

Only the best GSLB service in the response

D.

The best global server load balancing (GSLB) service as the first record in the response, and the remaining active services as additional records

Full Access
Question # 15

Scenario: A Citrix Administrator created and bound multiple content switching policies. During testing, attempts to access https://cs.mycompany.com resulted in the error message below:

HTTP 503 Service Unavailable

In a Citrix ADC configuration, what can the administrator do to fix the error?

A.

Disable the spillover redirect URL.

B.

Bind a certificate

C.

Enable the content switching feature

D.

Check the priorities of the existing policies

Full Access
Question # 16

Scenario: A Citrix Administrator is running an e-commerce web service that uses backend SQL and RADIUS servers. The e-commerce platform runs on a web server using port 80, and a website status page on port 99 reports the status of all servers.

Which monitor should the administrator choose to confirm the availability of the e-commerce solution?

A.

HTTP on port 99

B.

HTTP-ECV on port 80

C.

HTTP on port 80

D.

HTTP_ECV on port 99

Full Access
Question # 17

Users are experiencing resets from the intranet server website, which is load balanced through the Citrix ADC.

Which Citrix ADC tool can a Citrix Administrator use to troubleshoot the reset issue?

A.

View the newnslog from the command line interface (CLI) to look for packet resets from the Citrix ADC.

B.

Use the nslog to look for packet resets on the Citrix ADC.

C.

Take a packet trace with nstrace and analyze with Wireshark.

D.

Look in the event viewer for packet resets from the Citrix ADC

Full Access
Question # 18

Scenario: A Citrix Administrator manages an environment that has a Citrix ADC high availability (HA) pair running on two MPX appliances. The administrator notices that the state of the secondary Citrix ADC is ‘Unknown’.

What is causing the secondary state to be ‘Unknown’?

A.

The synchronization on the secondary appliance is disabled.

B.

TCP port 22 is disabled between the primary and secondary ADCs.

C.

The administrator made both Citrix ADCs primary.

D.

The remote procedure call (RPC) nodes are incorrectly configured.

Full Access
Question # 19

Which two steps are necessary to configure global server load balancing (GSLB) service selection using content switching (CS)? (Choose two.)

A.

Bind the domain to the CS vServer instead of the GSLB vServer.

B.

Configure CS policies that designate a load-balancing vServer as the target vServer.

C.

Configure a CS vServer of target type GSLB.

D.

Bind the GSLB domain to the GSLB vServer.

Full Access
Question # 20

Which Citrix ADC platform offers an out-of-the-box multi-tenant solution?

A.

VPX

B.

SDX

C.

MPX

D.

CPX

Full Access
Question # 21

Scenario: Users are trying to access https://cs.mycompany.com, but are receiving the error below:

HTTP 503 Service Unavailable

What can a Citrix Administrator change in the Citrix ADC configuration to fix this?

A.

Enable the content switching feature.

B.

Disable the spillover redirect URL.

C.

Bind a certificate.

D.

Bind the default load-balancing vServer.

Full Access
Question # 22

Which two policies can a Citrix Administrator configure using only the advanced policy expression? (Choose two.)

A.

DNS

B.

Integrated caching

C.

SSL

D.

System

Full Access
Question # 23

Scenario: A Citrix Administrator configured SNMP to send traps to an external SNMP system. When reviewing the messages, the administrator notices several entity UP and entity DOWN messages.

To what are these messages related?

A.

Load-balancing vServers

B.

Network interface

C.

High availability nodes

D.

SSL profile

Full Access
Question # 24

Scenario: While attempting to access web server that is load balanced by a Citrix ADC using HTTPS, a user receives the message below.

SSL/TLS error: You have not chosen to trust “Certificate Authority” the issuer of the server’s security certificate.

What can a Citrix Administrator do to prevent users from viewing this message?

A.

Ensure that users have the certificate’s private key.

B.

Ensure that users have the certificate’s public key.

C.

Ensure that the server certificate is linked to its respective intermediate and root certificates.

D.

Ensure that users have the server certificate installed.

Full Access
Question # 25

Scenario: A company has three departments with proprietary applications that need to be load balanced on a Citrix ADC. The three department managers would like to use the same IP address to access their individual applications. This would mean configuring three load-balanced vServers, all using the same IP address.

What can the Citrix Administrator configure for this scenario?

A.

Three SNIPs with the same IP address on a Citrix ADC

B.

Three different Citrix ADCs that use the same IP address

C.

Three different admin partitions that allow use of the same IP address for each load-balanced vServer on a Citrix ADC

D.

Three different load-balanced vServers with three different IP addresses on a Citrix ADC

Full Access
Question # 26

Scenario: A Citrix Administrator is concerned about the number of health checks the Citrix ADC is sending to backend resources. The administrator wants to find a way to remove health checks from specific bound services.

How can the administrator accomplish this?

A.

Unbind the current monitor.

B.

Use the no-monitor option.

C.

Use service groups to minimize health checks.

D.

Use reverse-condition monitoring.

Full Access
Question # 27

Scenario: While using the GUI, a Citrix ADC MPX appliance becomes unresponsive. A Citrix Administrator needs to restart the appliance and force a core dump for analysis.

What can the administrator do to accomplish this?

A.

Turn off the appliance using the power button.

B.

Use the reset button on the front of the appliance.

C.

Use the NMI button on the back of the appliance.

D.

Connect to a USB port to issue a restart command.

Full Access
Question # 28

Scenario: After deploying a Citrix ADC in production, a Citrix Administrator notices that client requests are NOT being evenly distributed among backend resources. The administrator wants to change from the default loadbalancing method to one that will help distribute the load more evenly.

Which load-balancing method would ensure that the server with the least amount of network utilization is receiving new connections?

A.

Least connection

B.

Least bandwidth

C.

Least response time

D.

Least packets

Full Access
Question # 29

A Citrix Administrator receives user complaints about latency while accessing an application that is load balanced on the Citrix ADC.

Which tool can the administrator use to gather information regarding response time, client network latency, and server-side processing time?

A.

Citrix Application Delivery Management (ADM)

B.

HDX Insight

C.

WAN Insight

D.

Security Insight

Full Access
Question # 30

A Citrix Administrator deploys a new Citrix ADC MPX appliance in the demilitarized zone (DMZ), with one interface in the DMZ and the other on the internal network.

In which mode should the administrator deploy the Citrix ADC?

A.

One-arm

B.

Two-arm

C.

Transparent

D.

Forward proxy

Full Access
Question # 31

A Citrix Administrator needs to block all DNS requests from subnet 10.107.149.0/24.

Which expressions can the administrator use to match the required traffic?

A.

CLIENT.IP.SRC(10.107.149.0) && (client.UDP.DSTPORT.EQ(53) || client TCP DSTPORT.EQ(53))

B.

CLIENT.IP.SRC IN_SUBNET(10 107.149.0/24) && client.UDP.DSTPORT.EQ(53) || client.TCP.DSTPORT.EQ(53)

C.

CLIENT.IP.SRC(10.107.149.0) && client UDP.DSTPORT.EQ(53) || client.TCP.DSTPORT.EQ(53)

D.

CLIENT.IP.SRC IN_SUBNET(10.107.149.0/24) && (client.UDP.DSTPORT.EQ(53) || client.TCP.DSTPORT.EQ(53))

Full Access