A Citrix Engineer needs to ensure that clients always receive a fresh answer from the integrated cache for positive responses (response of 200).
Which two settings can the engineer configure to make sure that clients receive a fresh response when it is needed? (Choose two.)
A. -flashCache NO
B. -pollEveryTime YES
C. -prefetch YES
D. -quickAbortSize
A Citrix Engineer is configuring an Application Firewall Policy to protect a website. Which expression will the engineer use in the policy?
A. HTTP.RES.IS_VALID
B. HTTP.REQ.HOSTNAME.EQ ("true")
C. HTTP.RES.HEADER ("hostname").EQ ("true")
D. HTTP.REQ.IS_VALID
Scenario: A Citrix Engineer configures the Application Firewall for protecting a sensitive website. The security team captures traffic between a client and the website and notes the following cookie:
citrix_ns_id
The security team is concerned that the cookie name is a risk, as it can be easily determined that the NetScaler is protecting the website.
Where can the engineer change the cookie name?
A. Application Firewall Policy
B. Application Firewall Engine Settings
C. Application Firewall Default Signatures
D. Application Firewall Profile
Which content type takes the maximum advantage of web caching mechanisms to boost performance?
A. Pseudo-Dynamic Content
B. Pseudo-Static Content
C. Static Content
D. Dynamic Content
A Citrix Engineer needs to configure Relaxation Rules using the learned data for SQL Injection.
Which setting can the engineer enable in order to avoid false-positive learned rules?
A. Increase database size for Learned data.
B. Decrease Minthreshold value to Default in Learning settings.
C. Increase Minthreshold value in Learning settings.
D. Remove all unreviewed data from Learning settings.
A Citrix Engineer needs to migrate the NetScaler Insight Center virtual appliance to NetScaler Management and Analytics System (NMAS).
Which two actions must be completed before migrating the NetScaler Insight Center virtual appliance to NMAS? (Choose two.)
A. Install NetScaler Insight Center 11.1 Build 47.14 or later.
B. Install NetScaler MAS License on the NMAS.
C. Download the NetScaler MAS build to the /var/mps/mps_images.
D. Remove the NetScaler instances added to the Insight Center.
E. Migrate the NMAS virtual machine to XenServer.
Which security option falls under the Negative Security Model for Citrix Application Firewall?
A. Start URL
B. HTML Cross-Site Scripting
C. Content-type
D. Signature
Scenario: A Citrix Engineer observes that when going through NetScaler, user connections fail and users are unable to access Exchange server. However, users can connect directly to the Exchange server. After checking the logs, the engineer finds that the POST request is blocked through the NetScaler.
The log in /var/log/ns.log is as follows:
Jul 20 11:00:38
https://test.abc.com/rpc/rpcproxy.dll?mail.sfmta.com:6004 Bad request headers. Content-length exceeds post body limit
Which parameter can the engineer modify to resolve the issue while maintaining security?
A. Increase the Maximum Header Length under nshttp_default_profile.
B. Increase the POST body limit using the HTTP profile.
C. Add an Application Firewall policy with the expression "HTTP.REQ.METHOD.EQ(\"POST\")" with APPFW_BYPASS profile bound.
D. Increase the POST body limit under common settings in Application Firewall profile settings.
Which Markup Language is used along with NITRO API to create a StyleBook?
A. YAML
B. GML
C. XML
D. HTML
Which two threats can be prevented by using IP Reputation? (Choose two.)
A. Trojan horses
B. Phishing Proxies
C. Worm
D. Compromised IPv6 web-server
E. Compromised IPv4 web-server
Scenario: A Citrix Engineer must enable a cookie consistency security check and ensure that all the session cookies get encrypted during the transaction. The engineer needs to ensure that none of the persistent cookies are encrypted and decrypted and decrypt any encrypted cookies during the transaction.
Which cookie consistency security feature will the engineer configure in the following configuration to achieve the desired results?
add appfw profile Test123 -startURLAction none -denyURLAction none -cookieConsistencyAction log -cookieTransforms ON -cookieEncryption encryptSessionOnly -addCookieFlags httpOnly -crossSiteScriptingAction none -SQLInjectionAction log stats -SQLInjectionTransformSpecialChars ON -SQLInjectionCheckSQLWildChars ON -fieldFormatAction none -bufferOverflowAction none -responseContentType "application/octet-stream" -XMLSQLInjectionAction none -XMLXSSAction none -XMLWSIAction none -XMLValidationAction none
A. Configure Encrypt Server cookies to "Encrypt All"
B. Configure Encrypt Server cookies to "None"
C. Configure Encrypt Server cookies to "Encrypt Session Only"
D. Configure Encrypt Server cookies to "Encrypt only"
A Citrix Engineer observes the following event in the ns.log:
Aug 3 11:55:58
default APPFW APPFW_STARTURL 406856 0: 10.248.13.13 11152-PPE1 LG+hd4LkcYiOyQVWvOTsCtSyiv00001 SPI Disallow illegal URL: https://training.citrix.com/login
Which Application Firewall profile has blocked the URL?
A. SPI
B. APPFW_STARTURL
C. ATL0NS01
D. SPI Disallow illegal URL
A Citrix Engineer observes that after enabling the security checks in Learning mode only in an Application Firewall profile, the NetScaler is blocking the non-RFC compliant HTTP packets.
What can the engineer modify in the configuration to resolve this issue?
A. Disable Drop Invalid Requests in the HTTP Profile settings.
B. Set Default profile in application firewall settings as APPFW_BYPASS.
C. Set Undefined Action in application firewall settings as APPFW_BYPASS.
D. Enable Drop Invalid Requests in the HTTP Profile settings.
What criteria must be met in order to create a certificate bundle by linking multiple certificates in NetScaler Management and Analytics System (NMAS)?
A. The issuer of the first certificate must match the domain of the second certificate.
B. The issuer of the first certificate must NOT have issued the second certificate.
C. The certificates must be created on the NetScaler.
D. The certificates must be issued by an external Certificate Authority.
Which mechanism does the NetScaler use to enable a safe and speedy data exchange during the initial client/server TCP handshake?
A. TCP Fast Open (TFO)
B. TCP Burst Rate Control
C. TCP Hystart
D. TCP Time Stamp