1Y0-309 Citrix Access Gateway 8.0 Enterprise Edition Test Set 3

Will the client cleanup feature clean any data before the SSL VPN session begins?


Options are :

  • No. Client cleanup will not clean up any data before the SSL VPN session begins.
  • No. Client cleanup will not delete any Internet Explorer temporary files.
  • Yes. Client cleanup cleans up data regularly during the SSL VPN session.
  • Yes. Access Gateway 8.0 Enterprise Edition kills existing connections, so all data will be lost

Answer : No. Client cleanup will not clean up any data before the SSL VPN session begins.

1Y0-309 Citrix Access Gateway 8.0 Enterprise Edition Test Set 1

An administrator configuring Access Gateway 8.0 Enterprise Edition wants to use a private key type that is used by Access Gateway 8.0 Enterprise Edition for encryption services. Which private key type should the administrator select from the "Choose private key type" drop-down list in the SSL VPN "Certificate Wizard" to meet this requirement?


Options are :

  • RSA
  • DER
  • DSA
  • 3DES

Answer : RSA

Can a user apply themes using the Portal Administrator Tool to change the logo, banner, icon, font, color and layout settings of their portal page?


Options are :

  • Yes. The user can do it after the administrator enables it.
  • No. Only the administrator has the right to do so
  • No. The Portal Administrator Tool does not have this capability.
  • Yes. The user can always do it without administrator permission.

Answer : Yes. The user can do it after the administrator enables it.

An administrator wants to provide access to published applications that are hosted on Presentation Server only, without requiring the use of a VPN client. How can this functionality be implemented?


Options are :

  • Enable SmartAccess with ICA proxy
  • Enable single sign-on
  • Enable the ICA proxy feature
  • Enable Session Reliability on Web Interface

Answer : Enable the ICA proxy feature

1Y0-200 Managing Citrix XenDesktop 7 Solutions Exam Set 1

An administrator has just configured an intranet application in an Access Gateway 8.0 Enterprise Edition deployment. What must the administrator do to make it work?


Options are :

  • Apply it to a profile.
  • Bind it to a policy
  • Apply it to a farm.
  • Bind it to a virtual server.

Answer : Bind it to a virtual server.

When configuring SmartAccess integration, an administrator must ensure that which listed policy or filter is set up correctly in order for the policy to be applied on Presentation Server?


Options are :

  • The policy name on the Access Gateway appliance must match the policy name on the Presentation Server.
  • The filter name that is bound to the Presentation Server policy must match the name of the SSL VPN virtual server.
  • The Presentation Server policy must be applied to one of the authenticating user groups.The Presentation Server policy must be applied to one of the authenticating user? groups
  • The policy name on the Access Gateway appliance must match the filter name that is bound to the policy that is being applied to the Presentation Server hosted application.

Answer : The policy name on the Access Gateway appliance must match the filter name that is bound to the policy that is being applied to the Presentation Server hosted application.

Scenario: An administrator needs to configure an audit policy that will log major errors on the Access Gateway appliance as well as problems that might cause the Access Gateway appliance to function incorrectly, but which are not critical to its operation. Which two options need to be selected in the log level to configure the audit policy to meet these requirements? (Choose two.)


Options are :

  • Notice
  • Alert
  • Emergency
  • Warning

Answer : Alert Warning

1Y0-200 Managing Citrix XenDesktop 7 Solutions Exam Set 2

How can the Secure Access Client be removed from a device?


Options are :

  • Double click the Secure Access Client from the Windows Task Manager.
  • Programs>Citrix Access Gateway Enterprise Edition>Uninstall Secure Access Client
  • Settings>Control Panel>Add/Remove Programs, and select "Citrix Access Gateway Enterprise Edition"
  • Right click the Secure Access Client icon in the system tray and choose the "Uninstall" menu option.

Answer : Settings>Control Panel>Add/Remove Programs, and select "Citrix Access Gateway Enterprise Edition"

An IT organization has an internal portal page. Which Access Gateway 8.0 Enterprise Edition command should be used to load that internal portal page by default after a successful login?


Options are :

  • set vpn param -homepage "/vpns/internalportalpage.html"
  • set vpn -homepage "/vpns/internalportalpage.html"
  • set vpn -homepage http://portalpage_internal.company.com/
  • set vpn param -homepage http://internalportalpage.company.com/

Answer : set vpn param -homepage http://internalportalpage.company.com/

Which policy must be used to set the application timeout?


Options are :

  • Session
  • Authentication
  • Traffic
  • Authorization

Answer : Traffic

1Y0-200 Managing Citrix XenDesktop 7 Solutions Exam Set 3

Which policy must an administrator configure to ensure that every user device has personal firewall software installed & running before they connect to the network?


Options are :

  • Authentication
  • Session
  • Authorization
  • Traffic

Answer : Session

Scenario: An administrator configuring authorization rules wants to simplify the process by leveraging Access Gateway 8.0 Enterprise Edition. The administrator wants to extract groups to which a user belongs to, as part of the authentication process from the external authentication servers in the environment. Which two external authentication servers can be leveraged when configuring authorization for users in an Access Gateway 8.0 Enterprise Edition deployment? (Choose two.)


Options are :

  • RADIUS
  • NT4
  • TACACS
  • LDAP

Answer : RADIUS LDAP

An administrator created a new VPN virtual server without binding any session policies to it. What is the default authorization action for users logging in to this VPN virtual server?


Options are :

  • DENY. This is the default behavior.
  • ALLOW. No session policy is bound to the virtual server.
  • DENY. No session policy is bound to the virtual server.
  • ALLOW. This is the default behavior.

Answer : ALLOW. This is the default behavior.

1Y0-200 Managing Citrix XenDesktop 7 Solutions Practice Exam Set 1

An administrator needs to configure Access Gateway 8.0 Enterprise Edition to send the Access Gateway IP address to the RADIUS server as part of the RADIUS protocol. Which RADIUS parameter should the administrator configure on the Access Gateway 8.0 Enterprise Edition appliance to meet this requirement?


Options are :

  • Server Loop Back IP Address
  • Network Access Server (NAS) Identifier
  • Server Identifier
  • Network Access Server (NAS) IP Address

Answer : Network Access Server (NAS) IP Address

Which feature or option must be configured when split tunneling is set to "ON"? A.Bookmark B.Intranet application C.Authorization policy D.Authentication policy Which feature or option must be configured when split tunneling is set to "ON"?


Options are :

  • Authentication policy
  • Intranet application
  • Authorization policy
  • Bookmark

Answer : Intranet application

In which three areas can an administrator enable single sign-on for VPN users? (Choose three.)


Options are :

  • Inside a traffic profile
  • In each user account
  • Inside a session profile
  • In the SSL VPN global settings

Answer : Inside a traffic profile Inside a session profile In the SSL VPN global settings

1Y0-200 Managing Citrix XenDesktop 7 Solutions Practice Exam Set 2

Scenario: An administrator needs to configure Access Gateway in order to replace the current Secure Gateway implementation in an environment. The administrator decides to configure the initial IP settings through a command line interface. Which command should the administrator use to configure the mapped IP address for this environment?


Options are :

  • add ns ip -type snip
  • add ns ip -type nsip
  • add ns ip -type ip
  • add ns ip -type mip

Answer : add ns ip -type mip

Scenario: A consultant is in charge of a new Access Gateway 8.0 Enterprise Edition deployment at a large customer site. The customer requires that the time zone on the appliance be set to Eastern Standard Time (EST). Which statement is true about the time zone on the Access Gateway 8.0 Enterprise Edition appliance?


Options are :

  • The time zone configured on the appliance is inherited automatically by any policies set on the appliance
  • The time zone setting updates automatically
  • The time zone of the appliance must match the time zone of the Web Interface server, if the virtual server is in ICA Proxy mode.
  • The time zone setting on the appliance can be changed using the nsconfig utility.

Answer : The time zone setting on the appliance can be changed using the nsconfig utility.

Which interception mode must an administrator use when configuring intranet applications for an environment in which the Java Client will be used?


Options are :

  • Transparent
  • VPN
  • Reverse
  • Proxy

Answer : Proxy

1Y0-200 Managing Citrix XenDesktop 7 Solutions Practice Exam Set 3

Which command should an administrator use when setting up the network configurations on an individual appliance that will be used in a HA pair?


Options are :

  • config BSD
  • config t
  • config ag
  • config ns

Answer : config ns

Which option in the Configuration Utility allows an administrator to limit the number of users who can log in to an Access Gateway 8.0 Enterprise Edition environment?


Options are :

  • Select Systems > Connections > Authentication settings, Maximum number of users
  • Select SSL VPN > Virtual Servers, Maximum Users
  • Select Systems > Virtual Servers > Policies, Maximum Users
  • Select SSL VPN > Global > Authentication settings, Maximum number of users

Answer : Select SSL VPN > Global > Authentication settings, Maximum number of users

Scenario: Dual authentication is configured on the Access Gateway 8.0 Enterprise Edition appliance. The appropriate group extraction configuration is configured on both the primary and secondary authentication servers, and a VPN user named "jdoe" exists on both authentication servers. How will groups be extracted for VPN user "jdoe"?


Options are :

  • The applicable groups from both the primary and secondary authentication servers will be extracted and matched to the group names configured on the appliance.
  • Only the groups from the primary authentication server will be extracted and matched to the group names configured on the secondary authentication server.
  • Only the groups in the secondary authentication server will be extracted and matched to the group names configured on the primary authentication server.
  • The groups to be extracted will be chosen by the administrator.

Answer : The applicable groups from both the primary and secondary authentication servers will be extracted and matched to the group names configured on the appliance.

1Y0-200 Managing Citrix XenDesktop 7 Solutions Practice Exam Set 4

An administrator is configuring remote access to applications through the VPN for specific users. All of the applications require a unique source IP address to access back-end resources. Which type of IP address should the administrator assign to these applications in order to ensure that they are accessible to the users?


Options are :

  • SNIP
  • Intranet
  • NSIP
  • MIP

Answer : Intranet

Scenario: A Network Administrator needs to configure access to published resources in a farm for Presentation Server, through Access Gateway. The administrator has been instructed to implement Access Gateway as a replacement for the current Secure Gateway deployment without SmartAccess. Which 3 settings does the administrator need to implement to meet these requirements? (Choose three.)


Options are :

  • Configure the Secure Ticket Authority server
  • Set the Access Gateway home page to the Web Interface URL
  • Set ICA Proxy to ON
  • Set NT Domain

Answer : Configure the Secure Ticket Authority server Set the Access Gateway home page to the Web Interface URL Set ICA Proxy to ON

Which Access Gateway 8.0 Enterprise Edition policy would an administrator use to configure split tunneling?


Options are :

  • Traffic
  • Authentication
  • Authorization
  • Session

Answer : Session

1Y0-200 Managing Citrix XenDesktop 7 Solutions Practice Test Set 1

In the Policy Precedence Model for Access Gateway 8.0 Enterprise Edition what is prioritized, evaluated & enforced?


Options are :

  • Profiles of different types
  • Policies of different types
  • Policies of the same type
  • Profiles of the same type

Answer : Policies of the same type

1Y0-200 Managing Citrix XenDesktop 7 Solutions Practice Test Set 2

Which pre-authentication expression must be used if an administrator needs to indicate that Symantec version 7.5 or McAfee version 11 is running and Trend Micro version 8.0 is not running?


Options are :

  • av_5_Symantec_7_5 || av_5_McAfeevirusscan_11 && CLIENT.APPLICATION.AV(Trend Micro).VERSION != 8.0
  • (av_5_Symantec_7_5 && av_5_McAfeevirusscan_11) || CLIENT.APPLICATION.AV(Trend Micro).VERSION != 8.0
  • (av_5_Symantec_7_5 || av_5_McAfeevirusscan_11) && CLIENT.APPLICATION.AV(Trend Micro).VERSION != 8.0
  • av_5_Symantec_7_5 && av_5_McAfeevirusscan_11 || CLIENT.APPLICATION.AV(Trend Micro).VERSION != 8.0

Answer : (av_5_Symantec_7_5 || av_5_McAfeevirusscan_11) && CLIENT.APPLICATION.AV(Trend Micro).VERSION != 8.0

What is true about double-source authentication?


Options are :

  • It uses two separate user names and the same password for the primary and secondary nodes.
  • It uses two separate user names and passwords, one for the primary node and one for the secondary node.
  • It uses the same user name and password for both the primary and the secondary nodes.
  • It uses the same user name and two separate passwords for the primary and secondary nodes.

Answer : It uses the same user name and two separate passwords for the primary and secondary nodes.

Which option must an administrator select for intranet IP to ensure that the mapped IP is used when the appliance runs out off intranet IPs to assign to new users?


Options are :

  • OFF
  • SPILLOVER
  • ON
  • NOSPILLOVER

Answer : SPILLOVER

1Y0-200 Managing Citrix XenDesktop 7 Solutions Practice Test Set 3

Scenario: An administrator has created a few personal folder files (*.PST) on the system when accessing Outlook over the VPN session. The administrator wants to delete these *.PST files created after logging out of the VPN session. How must the administrator configure client side cleanup to meet the above requirements?


Options are :

  • Configure it to clean up the address bar.
  • Configure it to clean up application data.
  • Configure it to clean up temporary files.
  • Configure it to clean up cookies.

Answer : Configure it to clean up application data.

The following configuration is set on the Access Gateway 8.0 Enterprise Edition appliance: >global default authorization ALLOW >Authorization policy "FSpol1" "FS.COMMAND == login && FS.USER == ALICE" DENY >Authorization policy "FSpol2" "(FS.COMMAND == put || FS.COMMAND == mkdir) && FS.SERVER == 10.10.2.10" DENY >Authorization policy "FSpol3" "FS.FILESIZE >1024" DENY >add aaa user Alice >add aaa user Bob >add aaa user Joe >bind aaa user Alice -policy FSpol1 >bind aaa user Bob -policy FSpol2 >bind aaa user Bob -policy FSpol3 Which of the following two statements can be accomplished? (Choose two.)


Options are :

  • Bob logged into the VPN successfully, logged into File System server 10.10.2.11 and downloaded a file of size 500 Bytes
  • Bob logged into the VPN successfully, logged into the File System server 10.10.2.10 and created a new directory
  • Joe logged into the VPN successfully and logged into the File System server 10.10.2.10
  • Alice logged into the VPN successfully and logged into the File System server 10.10.2.11

Answer : Bob logged into the VPN successfully, logged into File System server 10.10.2.11 and downloaded a file of size 500 Bytes Joe logged into the VPN successfully and logged into the File System server 10.10.2.10

An administrator just configured a client security check using this expression: CLIENT.OS(Windows XP Pro).SP == 2 -frequency 2 What does the "2 -frequency 2" portion of this expression indicate?


Options are :

  • To check for two hotfixes and run every 2 hours
  • To check for Service Pack 2 and run every 2 minutes
  • To check for two hotfixes and run every 2 minutes
  • To check for Service Pack 2 and run every 2 hours

Answer : To check for Service Pack 2 and run every 2 minutes

1Y0-200 Managing Citrix XenDesktop 7 Solutions Practice Test Set 4

Is the bookmark feature on the portal page the same as the Internet Explorer Favorite feature?


Options are :

  • They are exactly the same because both can be used to remember a URL
  • They are not the same. Bookmarks on the portal page can be used to bookmark not only URLs but also the CIFS file server.
  • They are not the same because users can delete universal bookmarks configured by the administrator.
  • They are the same. The Portal page bookmark can be used to launch applications, which is the same as Web Interface for Presentation Server.

Answer : They are not the same. Bookmarks on the portal page can be used to bookmark not only URLs but also the CIFS file server.

When creating a Web Interface site for use with Access Gateway 8.0 Enterprise Edition, which mode of access or authentication should be specified for the Web Interface site?


Options are :

  • SmartAccess Control
  • Pass-through authentication
  • Advanced Access Control
  • Explicit authentication

Answer : Advanced Access Control

When configuring a Web Interface site for SmartAccess, without the full VPN client OR with Access Gateway 8.0 Enterprise Edition replacing Secure Gateway proxy, which mode of access should be configured in the "Edit DMZ Settings" portion of the Access Management Console?


Options are :

  • Gateway Translated
  • Direct
  • Gateway Direct
  • Translated

Answer : Gateway Direct

1Y0-201 Managing Citrix XenDesktop 7.6 Solutions Exam Set 1

Secure Access Client needs root privileges to do which two things? (Choose two.)


Options are :

  • For Endpoint Analysis checks that require administrative privileges
  • To be installed
  • For upgrading or downgrading itself
  • To provide basic VPN tunneling functionality

Answer : For Endpoint Analysis checks that require administrative privileges To be installed

An IT organization has a client certificate configured. The administrator did not enable the cleanup client certificate option. The administrator decided not to prompt a user with the Windows cleanup dialog box. Will the cleanup client certificate be installed in Internet Explorer after logout?


Options are :

  • Yes, Windows Client cleanup does the cleanup work even though it is not configured
  • No, the SSL client certificate needs manual cleanup.
  • Yes, the user has a chance to click on client cleanup windows to cleanup the client certificate.
  • Yes, client cleanup code will do it.

Answer : No, the SSL client certificate needs manual cleanup.

How can an administrator disable the SSL warning message?


Options are :

  • The SSL warning message cannot be disabled in the Configuration Utility
  • Select SSL VPN global settings > Client Experience Advanced > General, deselect SSL warning message
  • Select SSL VPN global settings > Client Experience Advanced > Client Options, deselect SSL warning message
  • Select SSL VPN global settings > Security Settings Advanced > Client Security, enable SSL warning message

Answer : The SSL warning message cannot be disabled in the Configuration Utility

1Y0-201 Managing Citrix XenDesktop 7.6 Solutions Exam Set 2

What is responsible for performing the client side decompression for HTTP/Web response compression for the Access Gateway 8.0 Enterprise Edition appliance?


Options are :

  • Web browser
  • Java Client
  • Presentation Server client
  • JavaScript

Answer : Web browser

Which two policies constitute SmartAccess functionality on Access Gateway 8.0 Enterprise Edition? (Choose two.)


Options are :

  • Traffic
  • Session
  • Authorization
  • Pre-Authentication

Answer : Session Pre-Authentication

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions