NEW QUESTION 1
Scenario: A Citrix Engineer must enable a cookie consistency security check and ensure that all the session cookies get encrypted during the transaction. The engineer needs to ensure that none of the persistent coolies are encrypted and decrypted and decrypt any encrypted cookies during the transaction.
Which cookie consistency security feature will the engineer configure in the following configuration to achieve the desired results?
add appfw profile Test123 –startURLAction none- denyURLAction none- cookieConsistencyAction log
–cookieTransforms ON –cookieEncryption ecryptSessionOnly –addCookieFlags httpOnly
–crossSiteScriptingAction none- SQLInjectionAction log stats –SQLInjectionTransfrormSpecialChars ON- SQLInjectionCheckSQLWildChars ON –fieldFormatAction none –bufferOverflowAction none
–responseContentType “application/octet-stream”- XMLSQLInjectionAction none –XMLXSSAction none-XMLWSIAction none- XMLValidationAction none

• A. Configure Encrypt Server cookies to “Encrypt All”
• B. Configure Encrypt Server cookies to “None”
• C. Configure Encrypt Server cookies to “Encrypt Session Only”
• D. Configure Encrypt Server cookies to “Encrypt only”

Answer: B

NEW QUESTION 2
A Citrix Engineer has determined that users are able to access random URLs on a web site through bookmarks and by manually typing in the URLs to skip the pages required to reach that part of the website.
Which two checks can the engineer enable to prevent this attack? (Choose two.)

• A. Form Field Consistency
• B. Deny URL
• C. Start URL
• D. Buffer overflow
• E. HTML Cross-site scripting

Answer: CD

NEW QUESTION 3
Which three options can be used to specify the destination of an HTTP Callout? (Choose three.)

• A. Load balancing Virtual server
• B. Global server load balancing Virtual server
• C. NetScaler Gateway Virtual server
• D. Content switching Virtual server
• E. Cache redirection Virtual server

Answer: ADE

NEW QUESTION 4
How can a Citrix Engineer configure a specific LDAP attribute in the nFactor implementation?

• A. Specify the attribute in the LDAP server attributes field.
• B. Change the order of the policies.
• C. Add the attribute on the nFactor traffic policy.
• D. Change the login schema and add the new attribute.

Answer: D

NEW QUESTION 5
A Citrix Engineer has deployed Front-end Optimization on NetScaler. The following are the snippets of the content before and after optimization.
Before Optimization:

Which optimization technique has been applied to the content?

• A. Convert linked JavaScript to inline JavaScript
• B. Minify JavaScript
• C. Move JavaScript to End of Body Tag
• D. Inline JavaScript

Answer: B

NEW QUESTION 6
The NetScaler Management and Analytics System (NMAS) collects inventory from the instance by sending a(n) request. (Choose the correct option to complete the sentence.)

• A. AppFlow
• B. NITRO
• C. SNMP
• D. HTTP

Answer: B

NEW QUESTION 7
Scenario: A hacker accessed the HTML code from a product page and manipulated the HTML code as shown: Original Value: <input type=hidden name=price value=2379.73>
Manipulated Value: <input type=hidden name=price value=9.24>
Which security check can the engineer configure to counter the manipulation?

• A. Content-type
• B. Field Formats
• C. Form Field consistency
• D. HTML Cross-Site Scripting

Answer: C

NEW QUESTION 8
The NetScaler processes HTTP/2 web client connections to the backend web servers by . (Choose the correct option to complete the sentence.)

• A. Converting the HTTP/2 headers to HTTP/1.1 headers and forwarding them to the web servers.
• B. Dropping HTTP/2 requests as it is NOT supported by web servers.
• C. Passing- through all HTTP/2 traffic to the web servers.
• D. Converting HTTP/2 to HTTP 0.9 and forwarding the packets to the web servers.

Answer: A

NEW QUESTION 9
A Citrix Engineer executed the below commands on the NetScaler command-line interface (CLI): add stream selector cacheStreamSelector http.req.url
add ns limitidentifier cacheRateLimitIdentifier –threshold 5 –timeSlice 2000 –selectorName cacheStreamSelector
add cache policy cacheRateLimitPolicy –rule “http.req.method.eq(get) && sys.check_limit ( “cacheRateLimitIdentifier”)” –action cache
bind cache global cacheRateLimitPolicy- priority 10 What will be the effect of executing these commands?

• A. NetScaler will cache a response if the request URL rate exceeds 5 per 2000 milliseconds.
• B. NetScaler will cache a request if the request URL rate exceeds 5 per 2000 seconds.
• C. NetScaler will NOT cache a request if the request URL rate exceeds 5 per 2000 milliseconds.
• D. NetScaler will cache a response if the request URL rate exceeds 5 per 2000 seconds.

Answer: B

NEW QUESTION 10
A Citrix Engineer needs to set the rate at which connections are proxied from the NetScaler to the server. Which values should the engineer configure for Surge Protection?

• A. UDP Threshold and Start Port
• B. Grant Quota and Buffer Size
• C. TCP Threshold and Reset Threshold
• D. Base Threshold and Throttle

Answer: D

NEW QUESTION 11
A Citrix Engineer observes the following event in the ns.log:
Aug 3 11:55:58 <local0.info> 10.248.64.10 08/03/2015:15:55:58 GMT ATL0NS01 0-PPE-1: default APPFW APPFW_STARTURL 406856 0: 10.248.13.13 11152-PPE1
LG+hd4LkcYiOyQVWvOTsCtSyiv00001 SPI Disallow illegal URL: https://training.citrix.com/login
<blocked>
Which Application Firewall profile has blocked the URL?

• A. SPI
• B. APPFW_STARTURL
• C. ATL0NS01
• D. SPI Disallow illegal URL

Answer: C

NEW QUESTION 12
Which NetScaler owned IP address is used by NetScaler Management and Analytics System (NMAS) to communicate with NetScaler Instances?

• A. VIP (Virtual IP)
• B. NSIP (NetScaler IP)
• C. CLIP (Cluster IP)
• D. SNIP (Subnet IP)

Answer: B

NEW QUESTION 13
Which mechanism does the NetScaler use to enable a safe and speedy data exchange between a client/server initial TCP handshake?

• A. TCP Fast Open (TFO)
• B. TCP Burst Rate Control
• C. TCP Hystart
• D. TCP Time Stamp

Answer: A

NEW QUESTION 14
An attacker inserting a malicious code that compromises the trust relationship between users and a web application is an example of a (n) attack. (Choose the correct option to complete the sentence.)

• A. Cookie Tampering
• B. SQL Injection
• C. Form Field Consistency
• D. Cross-site Scripting

Answer: D

NEW QUESTION 15
Which two response headers are added by Application Firewall? (Choose two.)

• A. Transfer-Encoding
• B. Accept-Language
• C. Accept-Encoding
• D. Set-Cookie
• E. Range

Answer: AD

NEW QUESTION 16
A Citrix Engineer needs to configure NetScaler Management and Analytics System (NMAS) in their network to retain network reporting data, events, audit logs, and task logs for 20 days.
Which settings can the engineer configure to meet the requirement?

• A. System Prune Settings
• B. System Backup Settings
• C. Instance Backup Settings
• D. Syslog Prune Settings

Answer: A