1Y0-440試験無料問題集「Citrix Architecting a Citrix Networking Solution 認定」
Scenario: A Citrix Architect needs to design a hybrid XenApp and XenDesktop environment which will include as well as resource locations in an on-premises datacenter and Microsoft Azure.
Organizational details and requirements are as follows:
Active XenApp and XenDesktop Service subscription
No existing NetScaler deployment
Minimization of additional costs
All users should correct directly to the resource locations containing the servers which will host HDX sessions Click the Exhibit button to view the conceptual environment architecture.
The architect should use___________ in Location A, and should use _______________ in Location B. (Choose the correct option to complete the sentence.)
Organizational details and requirements are as follows:
Active XenApp and XenDesktop Service subscription
No existing NetScaler deployment
Minimization of additional costs
All users should correct directly to the resource locations containing the servers which will host HDX sessions Click the Exhibit button to view the conceptual environment architecture.
The architect should use___________ in Location A, and should use _______________ in Location B. (Choose the correct option to complete the sentence.)
正解:E
解答を投票する
Scenario: A Citrix Architect needs to design a new Citrix Gateway deployment. During the design discussions, the architect documents the key requirements about when to provide VPN access for incoming connections to the Citrix Gateway virtual server. Click the Exhibit button to view the requirements.
Which policy expression will meet these requirements?
Which policy expression will meet these requirements?
正解:D
解答を投票する
Scenario: A Citrix Architect needs to deploy SAML integration between NetScaler (Identity Provider) and ShareFile (Service Provider). The design requirements for SAML setup are as follows:
NetScaler must be deployed as the Identity Provider (IDP).
ShareFile server must be deployed as the SAML Service Provider (SP).
The users in domain workspacelab.com must be able to perform Single Sign-on to ShareFile after authenticating at the NetScaler.
The User ID must be UserPrincipalName.
The User ID and Password must be evaluated by NetScaler against the Active Directory servers SFO-ADS-001 and SFO-ADS-002.
After successful authentication, NetScaler creates a SAML Assertion and passes it back to ShareFile.
Single Sign-on must be performed.
SHA 1 algorithm must be utilized.
The verification environment details are as follows:
Domain Name: workspacelab.com
NetScaler AAA virtual server URL https://auth.workspacelab.com
ShareFile URL https://sharefile.workspacelab.com
Which SAML IDP action will meet the design requirements?
NetScaler must be deployed as the Identity Provider (IDP).
ShareFile server must be deployed as the SAML Service Provider (SP).
The users in domain workspacelab.com must be able to perform Single Sign-on to ShareFile after authenticating at the NetScaler.
The User ID must be UserPrincipalName.
The User ID and Password must be evaluated by NetScaler against the Active Directory servers SFO-ADS-001 and SFO-ADS-002.
After successful authentication, NetScaler creates a SAML Assertion and passes it back to ShareFile.
Single Sign-on must be performed.
SHA 1 algorithm must be utilized.
The verification environment details are as follows:
Domain Name: workspacelab.com
NetScaler AAA virtual server URL https://auth.workspacelab.com
ShareFile URL https://sharefile.workspacelab.com
Which SAML IDP action will meet the design requirements?
正解:A
解答を投票する
Scenario: A Citrix Architect needs to assess an existing Citrix ADC configuration. The customer recently found that members of certain administrator groups were receiving permissions on the production Citrix ADC appliances that do NOT align with the designed security requirements. Click the Exhibit button to view the configured command policies for the production Citrix ADC deployment.
To align the command policy configuration with the security requirements of the organization, the__________for________________should change. (Choose the correct option to complete the sentence.)
To align the command policy configuration with the security requirements of the organization, the__________for________________should change. (Choose the correct option to complete the sentence.)
正解:D
解答を投票する
Scenario: A Citrix Architect has set up NetScaler MPX devices in high availability mode with version 12.0. 53.13 nc. These are placed behind a Cisco ASA 5505 Firewall is configured to block traffic using access control lists. The network address translation (NAT) is also performed on the firewall.
The following requirements were captured by the architect during the discussion held as part of the NetScaler security implementation project with the customer's security team:
The NetScaler device:
Should monitor the rate of traffic either on a specific virtual entity or on the device. It should be able to mitigate the attacks from a hostile client sending a flood of requests. The NetScaler device should be able to stop the HTTP, TCP, and DNS based requests.
Needs to protect backend servers from overloading.
Needs to queue all the incoming requests on the virtual server level instead of the service level.
Should provide access to resources on the basis of priority.
Should provide protection against well-known Windows exploits, virus-infected personal computers, centrally managed automated botnets, compromised webservers, known spammers/hackers, and phishing proxies.
Should provide flexibility to enforce the desired level of security check inspections for the requests originating from a specific geolocation database.
Should block the traffic based on a pre-determined header length, URL length, and cookie length. The device should ensure that characters such as a single straight quote (*); backslash(\), and semicolon (;) are either blocked, transformed, or dropped while being sent to the backend server.
Which two security features should the architect configure to meet these requirements? (Choose two.)
The following requirements were captured by the architect during the discussion held as part of the NetScaler security implementation project with the customer's security team:
The NetScaler device:
Should monitor the rate of traffic either on a specific virtual entity or on the device. It should be able to mitigate the attacks from a hostile client sending a flood of requests. The NetScaler device should be able to stop the HTTP, TCP, and DNS based requests.
Needs to protect backend servers from overloading.
Needs to queue all the incoming requests on the virtual server level instead of the service level.
Should provide access to resources on the basis of priority.
Should provide protection against well-known Windows exploits, virus-infected personal computers, centrally managed automated botnets, compromised webservers, known spammers/hackers, and phishing proxies.
Should provide flexibility to enforce the desired level of security check inspections for the requests originating from a specific geolocation database.
Should block the traffic based on a pre-determined header length, URL length, and cookie length. The device should ensure that characters such as a single straight quote (*); backslash(\), and semicolon (;) are either blocked, transformed, or dropped while being sent to the backend server.
Which two security features should the architect configure to meet these requirements? (Choose two.)
正解:A,C
解答を投票する
Scenario: A Citrix Architect needs to design a new multi-datacenter NetScaler deployment. The customer wants NetScaler to provide access to various backend resources by using Global Server Load Balancing (GSLB) in an Active-Active deployment.
Click the Exhibit button to view additional requirements identified by the architect.
Which GSLB algorithm or method should the architect use for the deployment, based on the stated requirements?
Click the Exhibit button to view additional requirements identified by the architect.
Which GSLB algorithm or method should the architect use for the deployment, based on the stated requirements?
正解:A
解答を投票する
Scenario: A Citrix Architect needs to design a new Citrix ADC Gateway deployment to provide secure RDP access to backend Windows machines.
Click the Exhibit button to view additional requirements collected by the architect during the design discussions.
To meet the customer requirements, the architect should deploy the RDP proxy through _______, using a _________ solution. (Choose the correct option to complete the sentence.)
Click the Exhibit button to view additional requirements collected by the architect during the design discussions.
To meet the customer requirements, the architect should deploy the RDP proxy through _______, using a _________ solution. (Choose the correct option to complete the sentence.)
正解:C
解答を投票する
Scenario: A Citrix Architect has configured a load balancing virtual server for RADIUS authentication. The architect observes that, when the radius authentication action has the virtual server IP address, the authentication falls. However, when any of the individual server IP addresses are used, the authentication works fine.
How should the architect troubleshoot this issue?
How should the architect troubleshoot this issue?
正解:C
解答を投票する