Citrix ADC Advanced Topics - Security, Management, and Optimization v1.0

Page:    1 / 8   
Exam contains 108 questions

Which data populates the Events Dashboard?

  • A. Syslog messages
  • B. SNMP trap messages
  • C. API calls
  • D. AppFlow IPFIX records


Answer : D

Scenario: A Citrix Engineer is notified that improper requests are reacting the web application. While investigating, the engineer notices that the Citrix Web App Firewall policy has zero hits.
What are two possible causes for this within the Citrix Web App Firewall policy? (Choose two.)

  • A. The expression is incorrect.
  • B. It has been assigned an Advanced HTML profile.
  • C. It is NOT bound to the virtual server.
  • D. It has been assigned the built-in APPFW_RESET profile.


Answer : AC

Which feature of Learning should a Citrix Engineer configure to direct Citrix Web App Firewall to learn from specific sessions?

  • A. Advanced policy expression filter
  • B. Default policy expression filter
  • C. Trusted Learning Clients list
  • D. Manage Content Types for Safe Commerce


Answer : C

A Citrix Engineer has defined an HTTP Callout, hc_authorized_location, to return the value “Authorized” if client’s IP address is on a list of authorized external locations.
Which advanced expression should the engineer use in a policy for testing this condition?

  • A. SYS.HTTP_CALLOUT(hc_authorized_location).IS_TRUE
  • B. SYS.HTTP_CALLOUT(hc_authorized_location).EQ(“Authorized”)
  • C. SYS.HTTP_CALLOUT(hc_authorized_location).IS_VALID
  • D. SYS.HTTP_CALLOUT(hc_authorized_location).EQUALS_ANY(“Authorized”)


Answer : D

Scenario: A Citrix Engineer configured signature protections for Citrix Web App Firewall. Signature Auto-Update has been enabled. Upon reviewing the log files, the engineer notices that the auto update process has an error. In the settings for Signature Auto Update the engineer notices that the URL is blank.
Which URL should the engineer enter to restore the update process?

  • A. https://s3.amazonaws.com/NSAppFwSignatures/SignaturesMapping.xml
  • B. https://download.citrix.com/NSAppFwSignatures/SignaturesMapping.xml
  • C. https://www.citrix.com/NSAppFwSignatures/SignaturesMapping.xml
  • D. https://citrix.azure.com/NSAppFwSignatures/SignaturesMapping.xml


Answer : A

Scenario: A Citrix Engineer is reviewing the Citrix Web App Firewall log files using the GUI. Upon further analysis, the engineer notices that legitimate application traffic is being blocked.
What can the engineer do to allow the traffic to pass through while maintaining security?

  • A. Note the protection blocking the traffic in the log entry. Edit the profile and deselect the Block action for the protection.
  • B. Select the check box in the log entry. Choose Dismiss to allow the traffic to pass through from the Action menu.
  • C. Note the protection blocking the traffic in the log entry. Create a new profile and policy and bind it with a larger priority number.
  • D. Select the check box in the log entry. Choose Edit & Deploy to create a relaxation rule from the Action menu.


Answer : A

Scenario: A Citrix Engineer has enabled the IP Reputation feature. The engineer wants to protect a critical web application from a distributed denial of service attack.
Which advanced expression can the engineer write for a Responder policy?

  • A. CLIENT.IP.SRC.IPREP_THREAT_CATEGORY(SPAM_SOURCES)
  • B. CLIENT.IP.SRC.IPREP_THREAT_CATEGORY(BOTNETS)
  • C. CLIENT.IP.SRC.IPREP_THREAT_CATEGORY(WEB_ATTACKS)
  • D. CLIENT.IP.SRC.IPREP_THREAT_CATEGORY(WINDOWS_EXPLOITS)


Answer : C

A Citrix Engineer wants to delegate management of Citrix Application Delivery Management (ADM) to a junior team member.
Which assigned role will limit the team member to view all application-related data?

  • A. readonly
  • B. appReadonly
  • C. admin
  • D. appAdmin


Answer : B

A Citrix Engineer wants the Citrix Web App Firewall to respond with a page stored on the Citrix ADC when a violation is detected.
Which profile setting accomplishes this?

  • A. Redirect URL
  • B. RFC Profile
  • C. Default Request
  • D. HTML Error Object


Answer : D

Scenario: A Citrix Engineer implements Application-level Quality of Experience (AppQoE) to protect a web application. Shortly after that, users call to complain that nearly every request is being met with a Captcha.
What can the engineer do to improve the user experience?

  • A. Disable the Captcha.
  • B. Increase the DOS Attack Threshold.
  • C. Increase the Policy Queue Depth.
  • D. Increase the Session Life.


Answer : A

Which build-in TCP profile can a Citrix Engineer assign to a virtual server to improve performance for users who access an application from a secondary campus building over a fiber optic connection?

  • A. nstcp_default_tcp_lfp
  • B. nstcp_default_tcp_lan
  • C. nstcp_default_tcp_interactive_stream
  • D. nstcp_default_tcp_lnp


Answer : C

Scenario: A Citrix Engineer wants to protect a web application using Citrix Web App Firewall. The engineer enables the Learn action for the Start URL, HTML, Cross-Site Scripting, and HTML SQL Injection protections. The engineer assigns this profile to a policy, which is then bound to the virtual server.
Which two items can the engineer check to determine that the Learn action is NOT capturing any rules? (Choose two.)

  • A. The HTML Error Object is configured for the profile.
  • B. Enough space is left on the /flash file system.
  • C. The aslearn process is running on the Citrix ADC appliance.
  • D. The Learn database is less than 20 MB.


Answer : AC

Scenario: A Citrix Engineer wants to use Citrix Application Delivery Management (ADM) to monitor a single Citrix ADC VPX with eight web applications and one Citrix Gateway. It is important that the collected data be protected.
Which deployment will satisfy the requirements?

  • A. A single Citrix ADM with database replication to a secondary storage repository.
  • B. A pair of Citrix ADM virtual appliances configured for High Availability.
  • C. A single Citrix ADM imported onto the same hypervisor as the Citrix ADC VPX.
  • D. A pair of Citrix ADM virtual appliances, each working independently.


Answer : A

A manager for a hospital billing system wants to display the last four digits of a credit card number when printing invoices.
Which credit card security action does this?

  • A. X-Out
  • B. Log
  • C. Transform
  • D. Block


Answer : A

Which protection can a Citrix Engineer implement to prevent a hacker from extracting a customer list from the company website?

  • A. Cross-Site Request Forgeries (CSRF)
  • B. Form Field Consistency
  • C. HTML Cross-Site Scripting (XSS)
  • D. HTML SQL Injection


Answer : B

Page:    1 / 8   
Exam contains 108 questions

Talk to us!


Have any questions or issues ? Please dont hesitate to contact us

Certlibrary.com is owned by MBS Tech Limited: Room 1905 Nam Wo Hong Building, 148 Wing Lok Street, Sheung Wan, Hong Kong. Company registration number: 2310926
Certlibrary doesn't offer Real Microsoft Exam Questions. Certlibrary Materials do not contain actual questions and answers from Cisco's Certification Exams.
CFA Institute does not endorse, promote or warrant the accuracy or quality of Certlibrary. CFA® and Chartered Financial Analyst® are registered trademarks owned by CFA Institute.
Terms & Conditions | Privacy Policy