for Citrix certification, Real Success Guaranteed with Updated . 100% PASS 1Y0-340 Analyzing Citrix NetScaler Advanced Topics: Security - Management - and Optimization exam Today!
Also have 1Y0-340 free dumps questions for you:
NEW QUESTION 1
A Citrix Engineer observes that when the application firewall policy is bound to the virtual server, some of the webpages are NOT loading correctly.
Which log file can the engineer use to view the application firewall-related logs in the native format?
- A. /var/log/iprep.log
- B. /var/nslog/newnslog
- C. /var/nslog/ns.log
- D. /var/log/ns.log
NEW QUESTION 2
Scenario: A Citrix Engineer has configured a NetScaler Management Analytics System (NMAS) policy mandating that all certificates must have minimum key strengths of 2048 bits and must be authorized by trusted CA/Issuers.
How does NMAS alert the engineer about non-compliance?
- A. NMAS highlights any non-compliance with the ‘Non-Recommended’ tag.
- B. NMAS disables any non-compliant policies.
- C. NMAS does NOT alert the engineer.
- D. NMAS disables any non-compliant certificates.
NEW QUESTION 3
A Citrix Engineer needs to optimize the Cascading Style Sheets (CSS) content sent from the backend server before being forwarded to the client.
Which option can the engineer use to accomplish CSS optimization?
- A. Move to Head Tag
- B. Shrink to Attributes
- C. Lazy Load
- D. Convert to WebP
NEW QUESTION 4
A Citrix Engineer has received the following message after setting up Application Firewall in Learning mode. August 28 6 03:14:27 <local0.info>XXX.0.0.2.08/28/2017:03:14:27 GMT VPXExtProd01 0-PPE-0: default
GUI CMD_EXECUTED 1670370 0: User CitrixAdmin- Remote_ip XXX.19.XXX.XXX-Command “show
appfw learningdata WebPub_vs_af_1 startURL”- Status “ERROR: Communication error with aslearn”
What can the engineer perform to resolve the issue?
- A. Reinstall the Application Firewall license.
- B. Reboot the NetScaler appliance.
- C. Disable the Application Firewall feature.
- D. Delete the Profile database and restart the aslearn process.
NEW QUESTION 5
A Citrix Engineer needs to set the rate at which connections are proxied from the NetScaler to the server. Which values should the engineer configure for Surge Protection?
- A. UDP Threshold and Start Port
- B. Grant Quota and Buffer Size
- C. TCP Threshold and Reset Threshold
- D. Base Threshold and Throttle
NEW QUESTION 6
A Citrix Engineer needs to ensure that infrastructure is PCI DSS compliant. Which two are prerequisite actions for PCI DSS compliance? (Choose two.)
- A. Use only vendor-supplied defaults for system passwords and other security parameters.
- B. Assign a unique ID to each person with computer access.
- C. Track and monitor every transaction of the cardholder.
- D. Regularly test security systems and processes.
- E. Ensure that cardholder data is sent unencrypted over public networks.
NEW QUESTION 7
Scenario: A Citrix Engineer is assigned applications using Role-based Access Control (RBAC) in NetScaler Management and Analytics Systems (NMAS). In the NMAS, the engineer can see all virtual servers under Web Insight > Applications, but is unable to access them.
What could be the cause of this behavior?
- A. The RBAC is NOT supported for Orchestration.
- B. The RBAC is NOT supported at the application level.
- C. The Access Control policy is NOT configured on the NetScaler.
- D. The Access Control policy name on NetScaler and NetScaler MAS should match.
NEW QUESTION 8
A Citrix Engineer has deployed Front-end Optimization on NetScaler. The following are the snippets of the content before and after optimization.
Which optimization technique has been applied to the content?
- A. Combine CSS
- B. Minify CSS
- C. Inline CSS
NEW QUESTION 9
A website hosts highly dynamic content that is frequently requested in bursts of high user access. Which configuration will reduce traffic to the origin server while optimizing client performance?
- A. –pollEveryTime NO
- B. –expireAtLastByte YES
- C. –flashCache YES
- D. –heurExpiryParam 0
NEW QUESTION 10
Scenario: A Citrix Engineer must enable a cookie consistency security check and ensure that all the session cookies get encrypted during the transaction. The engineer needs to ensure that none of the persistent coolies are encrypted and decrypted and decrypt any encrypted cookies during the transaction.
Which cookie consistency security feature will the engineer configure in the following configuration to achieve the desired results?
add appfw profile Test123 –startURLAction none- denyURLAction none- cookieConsistencyAction log
–cookieTransforms ON –cookieEncryption ecryptSessionOnly –addCookieFlags httpOnly
–crossSiteScriptingAction none- SQLInjectionAction log stats –SQLInjectionTransfrormSpecialChars ON- SQLInjectionCheckSQLWildChars ON –fieldFormatAction none –bufferOverflowAction none
–responseContentType “application/octet-stream”- XMLSQLInjectionAction none –XMLXSSAction none-XMLWSIAction none- XMLValidationAction none
- A. Configure Encrypt Server cookies to “Encrypt All”
- B. Configure Encrypt Server cookies to “None”
- C. Configure Encrypt Server cookies to “Encrypt Session Only”
- D. Configure Encrypt Server cookies to “Encrypt only”
NEW QUESTION 11
Which protocol does NetScaler Management and Analytics System (NMAS) use when Discovery is run to locate instances?
- A. RIP
- B. TCP
- C. ICMP
- D. NITRO
The NetScaler MAS server sends an Internet Control Message Protocol (ICMP) ping to locate the instance. Then, it uses the instance profile details to log on to the instance. Using a NetScaler NITRO call, NetScaler MAS retrieves the license information of the instance. On the basis of the licensing information, it determines whether the instance is a NetScaler instance and the type of NetScaler platform (for example, NetScaler MPX, NetScaler VPX, NetScaler SDX, or NetScaler Gateway). On succesful detection of the NetScaler instance, it is added to the NetScaler MAS server’s database.
NEW QUESTION 12
The NetScaler processes HTTP/2 web client connections to the backend web servers by . (Choose the correct option to complete the sentence.)
- A. Converting the HTTP/2 headers to HTTP/1.1 headers and forwarding them to the web servers.
- B. Dropping HTTP/2 requests as it is NOT supported by web servers.
- C. Passing- through all HTTP/2 traffic to the web servers.
- D. Converting HTTP/2 to HTTP 0.9 and forwarding the packets to the web servers.
NEW QUESTION 13
Scenario: A hacker accessed the HTML code from a product page and manipulated the HTML code as shown: Original Value: <input type=hidden name=price value=2379.73>
Manipulated Value: <input type=hidden name=price value=9.24>
Which security check can the engineer configure to counter the manipulation?
- A. Content-type
- B. Field Formats
- C. Form Field consistency
- D. HTML Cross-Site Scripting
NEW QUESTION 14
Scenario: A Citrix Engineer has enabled learning on Application Firewall for all the Security checks on a basic profile that is configured in a production environment. However, after a few hours, the Application Firewall has stopped learning new data.
What is causing the issue?
- A. The learning database is limited to 20 MB in size and needs a reset.
- B. Application Firewall learning can only be enabled for an advanced profile.
- C. Application Firewall learning should only be enabled on Start URL.
- D. All the Security checks CANNOT be enabled simultaneously.
NEW QUESTION 15
A Citrix Engineer needs to implement Application Firewall to prevent the following tampering and vulnerabilities:
-If web server does NOT send a field to the user, the check should NOT allow the user to add that field and return data in the field.
-If a field is a read-only or hidden field, the check verifies that data has NOT changed.
-If a field is a list box or radio button field, the check verifies that data in the response corresponds to one of the values in that field.
Which security check can the engineer enable to meet this requirement?
- A. Field Formats
- B. Form Field Consistency
- C. HTML Cross-Site Scripting
- D. CSRF Form Tagging
NEW QUESTION 16
Scenario: A Citrix Engineer has a project to enable Integrated Caching on a NetScaler for a Financial Consulting company whose clients monitor their stocks in real time. Clients are reporting a delay in the displaying of the stock values.
What can the engineer configure on the NetScaler to enable data to be presented to the clients in real time?
- A. Dynamic Content Groups
- B. Basic Content Group
- C. Add another NetScaler
- D. Static Content Group
NEW QUESTION 17
Scenario: A Citrix Engineer needs to configure Application Firewall to handle SQL injection issues. However, after enabling SQL injection check, the backend server started dropping user requests.
The Application Firewall configuration is as follows:
add appfw profile Test123 –startURLAction none- denyURLAction none-crossSiteScriptingAction none
–SQLInjectionAction log stats- SQLInjection TransformSpecialChars ON
–SQLInjectionCheckSQLWildChars ON- fieldFormatAction none- bufferOverflowAction none- responseContentType “application/octet-stream” –XMLSQLInjectionAction none- XMLXSSAction none-XMLWSIAction none- XMLValidationAction none
What does the engineer need to change in the Application Firewall configuration?
- A. Enable-XMLSQLInjectionAction none
- B. Enable-XMLValidationAction none
- C. Disable- SQLInjectionCheckSQLWildChars ON
- D. Disable- SQLInjectionTransformSpecialChars ON
NEW QUESTION 18
Scenario: A Citrix Engineer configured an HTTP Denial-of-Service (DoS) protection policy by setting the Surge Queue depth to 300. The surge queue reaches a size of 308, triggering the NetScaler “attack” mode. The HTTP DoS window mechanism is left at the default size which, when reached, will trigger “no-attack” mode.
Which queue depth value must the Surge Queue be to trigger the “no-attack” mode?
- A. size should be less than 280.
- B. size should be 300.
- C. size should be 290.
- D. size should be between 280 and 300.
Recommend!! Get the Full 1Y0-340 dumps in VCE and PDF From Certstest, Welcome to Download: https://www.certstest.com/dumps/1Y0-340/ (New 106 Q&As Version)