Black Friday Special Limited Time 70% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: 70percent

Certensure Logo
  1. Home
  2. Citrix
  3. CCA-AppDS
  4. 1Y0-241 - Deploy and Manage Citrix ADC with Traffic Management

Citrix 1Y0-241 Deploy and Manage Citrix ADC with Traffic Management Exam Practice Test

Demo: 33 questions
Total 111 questions
Get 1Y0-241 Full Access Download 1Y0-241 PDF

Deploy and Manage Citrix ADC with Traffic Management Questions and Answers

Question 1

Which mode does a Citrix Administrator need to configure to allow a Citrix ADC to control the packetforwarding function based on the route table lookups?

Options:

A.

MBF

B.

USIP

C.

Layer 2

D.

Layer 3

Question 2

Scenario: To receive data alerts for failures, a Citrix Administrator is configuring SNMP on the Citrix ADC. The administrator is confident that the manager, alarms and SNMP traps are configured correctly. The following week, there is a Citrix ADC-related outage and the administrator does NOT receive any alerts.

What could be the reason for this alert failure?

Options:

A.

The Citrix Web App Firewall is blocking the alerts from going out.

B.

The community name was NOT configured in the Citrix ADC SNMP trap destination settings.

C.

The Citrix ADC only has standard licensing.

D.

The Citrix ADC is configured for SNMP version 1.

Question 3

Scenario: While performing a disaster recovery test, a Citrix Administrator decides to failover the Citrix ADC high availability (HA) pair appliances. The administrator notices that the failover is NOT working as expected, and the secondary Citrix ADC is NOT taking over as primary. The administrator suspects that networking issues may be causing the failure.

What could be the cause of this issue?

Options:

A.

HA monitoring is enabled on an interface of the secondary node that shows as ENABLED, DOWN.

B.

The Independent Network Configuration (INC) mode is enabled on the primary node.

C.

HA monitoring is enabled on a disabled interface of the primary node.

D.

HA heartbeats are only seen on some enabled interfaces of the secondary node.

Question 4

Scenario: A Citrix Administrator configured the rewrite policies below:

bind lb vServer VIP1_http -policyName POL_14 -priority 120 -gotoPriorityExpression END -type REQUEST

bind lb vServer VIP1_http -policyName POL_12 -priority 90 -gotoPriorityExpression NEXT -type REQUEST

bind lb vServer VIP1_http -policyName POL_15 -priority 100 -gotoPriorityExpression END -type REQUEST

bind lb vServer VIP1_http -policyName POL_13 -priority 101 -gotoPriorityExpression NEXT -type REQUEST

Which policy will be evaluated last considering POL_12 is hit first?

Options:

A.

POL_12

B.

POL_13

C.

POL_14

D.

POL_15

Question 5

Which four authentication types can a Citrix Administrator use for Citrix ADC authentication, authorization, and auditing (AAA) multifactor authentication? (Choose four.)

Options:

A.

RADIUS

B.

OAuth

C.

FIDO2

D.

NTLM

E.

ADFS

F.

LDAP

G.

TACACS+

Question 6

Scenario: A Citrix Administrator is managing a Citrix Gateway with a standard Platform license and remote employees in the environment. The administrator wants to increase access by 3,000 users through the Citrix Gateway using VPN access.

Which license should the administrator recommend purchasing?

Options:

A.

Citrix ADC Burst Pack

B.

Citrix Gateway Express

C.

Citrix Gateway Universal

D.

Citrix ADC Upgrade

Question 7

A Citrix Administrator notices that the Citrix ADC is sending the IP addresses of all the active services in the DNS response.

The administrator can use the set gslb vServer __________________ parameter to change this behavior.

Options:

A.

EDR ENABLED

B.

MIR DISABLED

C.

MIR ENABLED

D.

EDR DISABLED

Question 8

A Citrix Administrator needs to match the host name ‘www.example.com’ in all HTTP requests.

Which expression, when used, meets this requirement?

Options:

A.

HTTP.REQ.HOSTNAME.EQ(“www.example.com”)

B.

HTTP.RES.HOSTNAME.EQ(“www.example.com”)

C.

HTTP.REQ.HOSTNAME(“example.com”)

D.

HTTP.RES.HOSTNAME.CONTAINS(“www.example.com”)

Question 9

If a policy evaluates as_________________ a Citrix ADC performs the action assigned to the ____________ condition and stops further policy evaluation.

Options:

A.

TRUE; FALSE

B.

UNDEFINED; TRUE

C.

UNDEFINED; FALSE

D.

UNDEFINED; UNDEFINED

Question 10

Which two steps are necessary to configure global server load balancing (GSLB) service selection using content switching (CS)? (Choose two.)

Options:

A.

Bind the domain to the CS vServer instead of the GSLB vServer.

B.

Configure CS policies that designate a load-balancing vServer as the target vServer.

C.

Configure a CS vServer of target type GSLB.

D.

Bind the GSLB domain to the GSLB vServer.

Question 11

Scenario: A Citrix Administrator is concerned about the number of health checks the Citrix ADC is sending to backend resources. The administrator wants to find a way to remove health checks from specific bound services.

How can the administrator accomplish this?

Options:

A.

Unbind the current monitor.

B.

Use the no-monitor option.

C.

Use service groups to minimize health checks.

D.

Use reverse-condition monitoring.

Question 12

When a Citrix ADC high availability (HA) pair failover occurs, by what method does the Citrix ADC communicate to the network switches and routers that IP-to-MAC address bindings have changed?

Options:

A.

Reverse ARP (RARP) to update the network devices

B.

MAC-based forwarding (MBF) to update the routers

C.

Proxy ARP to update the network devices

D.

Gratuitous ARPs (GARPs) to update the network devices

Question 13

Which Citrix ADC feature can a Citrix Administrator employ to reuse existing TCP connections?

Options:

A.

TCP buffering

B.

Connection multiplexing

C.

Keep-alive

D.

Content switching

Question 14

A Citrix Administrator needs to configure a rate-limiting policy setting DNS requests to a threshold of 1,000 per second.

Which set of commands does the administrator need to run to correctly configure and enable this policy?

Options:

A.

> add stream selector DNSSelector1 client.udp.dns.domain

> add ns limitIdentifier DNSLimitIdentifier1 -threshold 5 -timeSlice 1000 -selectorName DNSSelector1

> add dns policy DNSLimitPolicy1 " sys.check_limit(\"DNSLimitIdentifier1\")" -preferredLocation "North America.US.TX.Dallas.. "

> bind dns global DNSLimitPolicy1 5

B.

> add stream selector DNSSelector1 client.udp.dns.domain

> add ns limitIdentifier DNSLimitIdentifier1 -threshold 1000 -timeSlice 1000 -selectorName DNSSelector1

> add dns policy DNSLimitPolicy1 " sys check_limit(\"DNSLimitIdentifier1\")" -preferredLocation "North America.US.TX.Dallas.. "

> bind dns global DNSLimitPolicy1 5

C.

> add stream selector DNSSelector1 client.udp.dns.domain

> add ns limitIdentifier DNSLimitIdentifier1 -threshold 5 -timeSlice 1000 -selectorName DNSSelector1

> add dns policy DNSLimitPolicy1 " sys.check_limit(\"DNSLimitIdentifier1\")" -preferredLocation "North America.US.TX.Dallas.. "

D.

> add stream selector DNSSelector1 client.udp.dns.domain

> add ns limitIdentifier DNSLimitIdentifier1 -threshold 1000 -timeSlice 1000 -selectorName DNSSelector1

> add dns policy DNSLimitPolicy1 " sys check_limit(\"DNSLimitIdentifier1\")" -preferredLocation "North America.US.TX.Dallas.. "

Question 15

In a global server load balancing (GSLB) active-active environment, the connection proxy is used as the site persistence method.

What is used to source the traffic when the connection is proxied?

Options:

A.

Subnet IP (SNIP)

B.

LDNS IP Address

C.

Client source IP

D.

Virtual IP (VIP)

Question 16

A Citrix Administrator configured global server load balancing (GSLB) for www.citrix.com, with two ADNS services named Citrix ADC 1 and Citrix ADC 2 in the setup.

Which record does the administrator need to add on the parent DNS server to delegate requests from www.citrix.com to Citrix ADC 1 and Citrix ADC 2?

Options:

A.

Canonical Name (CNAME)

B.

Address (A) record

C.

Name Server (NS) record

D.

Pointer Record (PTR)

Question 17

To improve page-rendering time a Citrix Administrator needs to overcome the connection limitation by enabling client browsers to simultaneously download more resources.

What should the administrator enable while configuring the front end optimization (FEO) feature?

Options:

A.

HTML comments removal

B.

Image lazy loading

C.

CSS import to link

D.

Domain sharding

Question 18

Scenario: A Citrix Administrator configured a responder policy as follows:

> add responder action Picture10Action redirect "\"http://\ " + http.req.hostname + http.req.url + \"/picture10.html\"" -bypassSafetyCheck YES

> add responder policy Picture10Policy "http.req.url.eq(\"/mywebsite\")" Picture10Action

> bind responder global Picture10Policy 1 END -type OVERRIDE

What will be the effect of this configuration?

Options:

A.

The URL http://www.mywebsite.com will be overwritten with /picture10.html.

B.

Clients accessing http://www.mywebsite.com/ will have /picture10 html appended to the URL.

C.

Clients accessing http://www.mywebsite.com/picture10.html will be overwritten with http://www.mywebsite com/.

D.

The file Picture10 will be downloaded to a local drive when directly accessing http://www.mywebsite.com/picture10.html.

Question 19

What is the first thing a Citrix Administrator should develop when creating a server certificate for Citrix ADC to secure traffic?

Options:

A.

A private key

B.

A certificate revocation list (CRL)

C.

A certificate signing request (CSR)

D.

A certificate key-pair

Question 20

Scenario: A Citrix Administrator created and bound multiple content switching policies. During testing, attempts to access https://cs.mycompany.com resulted in the error message below:

HTTP 503 Service Unavailable

In a Citrix ADC configuration, what can the administrator do to fix the error?

Options:

A.

Disable the spillover redirect URL.

B.

Bind a certificate

C.

Enable the content switching feature

D.

Check the priorities of the existing policies

Question 21

A Citrix Administrator needs to bind a URL transformation policy.

Which three bind points could the administrator use? (Choose three.)

Options:

A.

Authentication, authorization, and auditing (AAA) group

B.

Content switching vServer

C.

Default global

D.

Policy label

E.

AAA user

Question 22

To protect an environment against Hash DoS attacks, which two configurations can a Citrix Administrator use to block all post requests that are larger than 10,000 bytes? (Choose two.)

Options:

A.

> add policy expression expr_hashdos_prevention “http.REQ.METHOD.EQ(\”POST\”)&&

http.REQ.CONTENT_LENGTH.GT(10000)”

> add rewrite policy drop_rewrite expr_hashdos_prevention DROP

> bind rewrite global drop_rewrite 100 END –type REQ_OVERRIDE

B.

> add policy expression expr_hashdos_prevention “http.REQ.METHOD.EQ(\”POST\”)&&

http.REQ.CONTENT_LENGTH.GT(10000)”

> add responder policy pol_resp_hashdos_prevention expr_hashdos_prevention DROP NOOP

> bind responder global pol_resp_hashdos_prevention 70 END –type REQ_OVERRIDE

C.

> add policy expression expr_hashdos_prevention “http.REQ.METHOD.EQ(\”POST\”) ||

http.REQ.CONTENT_LENGTH.GT(10000)”

> add responder policy pol_resp_hashdos_prevention expr_hashdos_prevention DROP NOOP

> bind responder global pol_resp_hashdos_prevention 70 END –type REQ_OVERRIDE

D.

> add policy expression expr_hashdos_prevention “http.REQ.METHOD.EQ(\”POST\”) ||

http.REQ.CONTENT_LENGTH.GT(10000)”

> add rewrite policy drop_rewrite expr_hashdos_prevention DROP

> bind rewrite global drop_rewrite 70 END –type REQ_OVERRIDE

E.

> add policy expression expr_hashdos_prevention “http.REQ.METHOD.EQ(\”POST\”) ||

http.REQ.CONTENT_LENGTH.GT(10000)”

> add responder policy pol_resp_hashdos_prevention expr_hashdos_prevention DROP NOOP

> bind responder global pol_resp_hashdos_prevention 100 END –type REQ_OVERRIDE

F.

> add policy expression expr_hashdos_prevention “http.REQ.METHOD.EQ(\”POST\”) ||

http.REQ.CONTENT_LENGTH.GT(10000)”

> add rewrite policy drop_rewrite expr_hashdos_prevention DROP

> bind rewrite global drop_rewrite 100 END –type REQ_OVERRIDE

Question 23

Scenario: A load-balancing vServer is configured to utilize the least bandwidth load-balancing method. A service attached to this vServer is brought into the effective state during production hours.

During the startup of a vServer, which load-balancing method is used by default?

Options:

A.

Least connections

B.

Least bandwidth

C.

Custom load

D.

Round-robin

Question 24

Scenario: A Citrix Administrator configured a load-balancing vServer. The URL for this vServer is vpn.citrix.com. The backend server has the host name configured as server1.citrix.com.

The administrator needs to implement the policy to change the host name from vpn.citrix.com to server1.citrix.com, and vice versa.

Which does the administrator need to configure to meet this requirement?

Options:

A.

set transform action “host change” –priority 10 –reqUrlFrom “https://vpn.citrix.com/*” –reqUrlInto “https://

server1.citrix.com/*” –resUrlFrom “https://server1.citrix.com/*” –resUrlInto “https://vpn.citrix.com/*”

B.

set transform action “host change” –priority 10 –reqUrlFrom “https://server1.citrix.com/*” –reqUrlInto “https://

vpn.citrix.com/*” –resUrlFrom “https://server1.citrix.com/*” –resUrlInto “https://vpn.citrix.com/*”

C.

set transform action “host change” –priority 10 –reqUrlFrom “https://server1.citrix.com/*” –reqUrlInto “https://

vpn.citrix.com/*” –resUrlFrom “https://vpn.citrix.com/*” –resUrlInto “https://server1.citrix.com/*”

D.

set transform action “host change” –priority 10 –reqUrlFrom “https://vpn.citrix.com/*” –reqUrlInto “https://

server1.citrix.com/*” –resUrlFrom “https://vpn.citrix.com/*” –resUrlInto “https://server1.citrix.com/*”

Question 25

Scenario: A Citrix Administrator is managing a Citrix ADC SDX running eight Citrix ADC instances. The administrator needs to upgrade the firmware on the instances. However, the administrator is concerned that it needs to be done simultaneously.

What upgrading flexibility does SDX provide in this scenario?

Options:

A.

The Citrix ADC instances must be upgraded simultaneously.

B.

The Citrix ADC instances can be upgraded from the lights out management (LOM) port and Citrix Cloud services to different firmware versions.

C.

The Citrix ADC instances can be upgraded on an individual basis, allowing all instances to run independent firmware versions.

D.

The Citrix ADC instances can be upgraded at the SDX management level, allowing all instances to be upgraded simultaneously.

Question 26

What is the effect of the “set cs vServer-CS-1 –redirectURL http://www.newdomain.com/mysite/” command?

Options:

A.

If the vServer-CS-1 encounters a high connection rate, then users will be redirected to http://www.newdomain.com/mysite/.

B.

If the status of vServer-CS-1 is DOWN, then users will be redirected to http://www.newdomain .com/mysite/.

C.

All the requests to vServer-CS-1 will be redirected to http://www.newdomain.com/mysite/.

D.

All the requests without URL path/mysite/ will be redirected to http://www.newdomain.com/mysite/.

Question 27

Which two protocols would provide end-to-end data encryption, while allowing a Citrix ADC to optimize the responses? (Choose two.)

Options:

A.

HTTP protocol for the services

B.

SSL bridge protocol for the vServer

C.

SSL bridge protocol for the services

D.

SSL protocol for the services

E.

HTTP protocol for the vServer

F.

SSL protocol for the vServer

Question 28

Scenario: A Citrix Administrator configures an Access Control List (ACL) to block traffic from the IP address 10.102.29.5:

add simpleacl rule1 DENY -srcIP 10.102 29.5

A week later the administrator discovers that the ACL is no longer present on the Citrix ADC.

What could be the reason for this?

Options:

A.

The administrator did NOT run the apply ACL command.

B.

The simple ACLs remain active for only 600 seconds.

C.

The simple ACLs remain active for only 60 seconds.

D.

The Citrix ADC has been restarted without saving the configurations.

Question 29

Scenario: A Citrix Administrator configured a global server load balancing (GSLB) setup for internal and external users using the same host name. For internal users, cvad.citrite.net should go to the Citrix StoreFront site; for external users, it should connect to the Citrix ADC Gateway VPN site.

Which feature should the administrator configure to accomplish this?

Options:

A.

DNS Preferred Location

B.

DNS Record

C.

DNS View

D.

DNS Proxy

Question 30

Scenario: Users are trying to access https://cs.mycompany.com, but are receiving the error below:

HTTP 503 Service Unavailable

What can a Citrix Administrator change in the Citrix ADC configuration to fix this?

Options:

A.

Enable the content switching feature.

B.

Disable the spillover redirect URL.

C.

Bind a certificate.

D.

Bind the default load-balancing vServer.

Question 31

Which Citrix ADC Access Control List (ACL) command can a Citrix Administrator use to bridge traffic originating from the IP address 192.168.10.200?

Options:

A.

add ns simpleacl6

B.

add ns simpleacl

C.

add ns acl

D.

add ns acl6

Question 32

Scenario: A Citrix ADC MPX is using one of four available 10G ports. A Citrix Administrator discovers a traffic bottleneck at the Citrix ADC.

What can the administrator do to increase bandwidth on the Citrix ADC?

Options:

A.

Purchase another Citrix ADC MPX appliance.

B.

Plug another 10G Citrix ADC port into the router.

C.

Add two more 10G Citrix ADC ports to the network and configure VLAN.

D.

Add another 10G Citrix ADC port to the switch, and configure Link Aggregation Control Protocol (LACP).

Question 33

Scenario: A Citrix Administrator executed the command below:

> set httpcallout httpcallout1 –cacheForSecs 120

This command changes the cache duration of the HTTP ____________ to be set to 120 seconds. (Choose the

correct option to complete the sentence.)

Options:

A.

callout response

B.

request

C.

callout request

D.

response

Load More 1Y0-241 Questions
Demo: 33 questions
Total 111 questions
Get 1Y0-241 Full Access Download 1Y0-241 PDF