1Y0-309 Citrix Access Gateway 8.0 Enterprise Edition Set 4

What are three pieces of information that are required to configure Access Gateway 8.0 Enterprise Edition to authenticate users with LDAP servers? (Choose three.)


Options are :

  • Bind DN (Correct)
  • Server DN
  • Bind DN password (Correct)
  • Base DN (Correct)

Answer : Bind DN Bind DN password Base DN

An administrator already has an Access Gateway 8.0 Enterprise Edition appliance and wants to add a second appliance in a High Availability (HA) pair. Which three configurations must the administrator perform to set up the HA pair successfully? (Choose three.)


Options are :

  • Add the first appliance as an HA node on the second appliance. (Correct)
  • Configure the same mapped IP on both appliances in the HA pair. (Correct)
  • Configure the same NetScaler IP on both appliances in the HA pair.
  • Add the second appliance as an HA node on the first appliance. (Correct)

Answer : Add the first appliance as an HA node on the second appliance. Configure the same mapped IP on both appliances in the HA pair. Add the second appliance as an HA node on the first appliance.

An administrator is in the process of installing Access Gateway 8.0 Enterprise Edition in an environment and is considering implementing split DNS lookups. When would the administrator enable split DNS lookups in this environment?


Options are :

  • There is a need to allow clients to send ICA packets through Access Gateway from one domain to another using the DNS names of the destination clients or servers in the other domain.
  • There is a need for internal users to access external resources without revealing the IP addresses of the servers hosting those resources.
  • There is a need to look up all domain names on the remote network regardless of the split tunneling configuration
  • There is a need to look up domain names both on the internal and external networks when split tunneling is enabled. (Correct)

Answer : There is a need to look up domain names both on the internal and external networks when split tunneling is enabled.

Citrix 1Y0-351 NetScaler 10.5 Essentials and Networking Exam Set 5

Which three statements are true about the Access Gateway 8.0 Enterprise Edition appliance auditing functionality? (Choose three.)


Options are :

  • By default, the audit logs are created on the Access Gateway 8.0 Enterprise Edition appliance in the /VAR/LOG/NS.LOG file (Correct)
  • The last 256 audit logs can be viewed by an administrator using the Configuration Utility or a command line interface (Correct)
  • Audit logs can be sent to external audit servers using audit policies configured at the user, group, virtual server and global levels (Correct)
  • The last 512 audit logs can be viewed by an administrator using the Configuration Utility or a command line interface

Answer : By default, the audit logs are created on the Access Gateway 8.0 Enterprise Edition appliance in the /VAR/LOG/NS.LOG file The last 256 audit logs can be viewed by an administrator using the Configuration Utility or a command line interface Audit logs can be sent to external audit servers using audit policies configured at the user, group, virtual server and global levels

An administrator has enabled split tunneling for an environment. What must the administrator do to ensure that the client on user devices intercepts intranet traffic only and routes other traffic directly to the appropriate servers?


Options are :

  • Define an intranet application policy. (Correct)
  • Change the routing table on the client devices so that intranet traffic is tunneled to the intranet.
  • Assign intranet IP addresses to resources going through the VPN
  • Set split tunneling to OFF.

Answer : Define an intranet application policy.

Scenario: A major technology company wants to upgrade their current Access Gateway deployment to ensure that it meets their growing remote access needs as they acquire new companies. Currently, the company is supporting nearly 3,000 concurrent users on their existing SSL VPN. Due to a recently-completed merger, the company expects the concurrent user sessions through Access Gateway to increase by 40% over the next year. Which Access Gateway 8.0 Enterprise Edition appliance platform handles the most concurrent user traffic and would be appropriate for this company?


Options are :

  • 12000 series
  • 7000 series
  • 2000 series
  • 10000 series (Correct)

Answer : 10000 series

Citrix 1Y0-327 Password Manager 4.5 Administration Exam Set 1

Scenario: A consultant is in charge of a new Access Gateway 8.0 Enterprise Edition deployment at a large customer site. The customer gave the consultant the following information and IP addresses to use when configuring the Access Gateway 8.0 Enterprise Edition appliance: Internal Citrix Presentation Server 4.0 IP address: 10.165.30.12 Time Zone to be used: Eastern Standard Time (EST) IP addresses to use when configuring the Access Gateway 8.0 Enterprise Edition deployment MIP - 10.165.30.45 NSIP - 10.165.30.60 VIP - 12.15.30.62 DNS Server - 78.35.14.99 If configured correctly, which IP address will the Access Gateway 8.0 Enterprise Edition appliance use as source IP to communicate with the Citrix Presentation Server?


Options are :

  • 10.165.30.45 (Correct)
  • 78.35.14.99
  • 10.165.30.60
  • 12.15.30.62

Answer : 10.165.30.45

An administrator wants to configure an IP address that will be used by the Access Gateway appliance as a source IP address to connect to internal servers on the corporate network. Which IP type must be configured by the administrator?


Options are :

  • Virtual IP
  • Global Server Load Balancing site IP
  • Mapped IP (Correct)
  • NetScaler IP

Answer : Mapped IP

An administrator needs to transparently intercept all TCP, NetBIOS, UDP and HTTP traffics destined for the company's private network in order to make remote access stricter without limiting its use. Which mechanism must the administrator use to allow for stricter remote access?


Options are :

  • ActiveX Plug-in (Correct)
  • JavaScript
  • Java Client
  • Presentation Server Client

Answer : ActiveX Plug-in

Citrix 1Y0-327 Password Manager 4.5 Administration Test Set 5

Scenario: An administrator wants users to be able to access back-end resources running on file servers and application servers in an environment. The administrator has Access Gateway 8.0 Enterprise Edition deployed, and the Secure Access client is used to establish VPN tunnels to the corporate network. There are no intranet applications configured in this environment, and split tunneling is turned off. Which two statements are true regarding why users in this environment will be able to access applications on file and application servers? (Choose two.)


Options are :

  • Users will be able to access file and application servers because the back-end resources have been assigned specific intranet IP addresses.
  • Users will be able to access file and application servers because the back-end resources in this environment have been configured as published applications.
  • Users will be able to access file and application servers as long as an authorization policy is configured to allow them access to resources on the file and application servers (Correct)
  • Users will be able to access file and application servers as long as they can authenticate through the VPN. (Correct)

Answer : Users will be able to access file and application servers as long as an authorization policy is configured to allow them access to resources on the file and application servers Users will be able to access file and application servers as long as they can authenticate through the VPN.

When creating the server certificate for an Access Gateway 8.0 Enterprise Edition virtual server in ICA Proxy mode, the Common Name (CN) should match that of the FQDN of the______. (Choose the correct option to complete the sentence.)


Options are :

  • VPN virtual server (Correct)
  • Secure Ticket Authority server
  • Web Interface server
  • Presentation Server

Answer : VPN virtual server

Which two parameters must be configured within the Access Gateway 8.0 Enterprise Edition Global Authentication RADIUS settings or RADIUS Authentication Server settings in order to extract groups from a RADIUS server? (Choose two.)


Options are :

  • Login Name
  • RADIUS Group Vendor ID (Correct)
  • Group Attribute Type (Correct)
  • Search Filter

Answer : RADIUS Group Vendor ID Group Attribute Type

Citrix 1Y0-731 Netscaler 8.0 Administration Practice Exam Set 2

An administrator can assign intranet IP addresses per ______, ______ and _______. (Choose the three options that correctly complete the sentence.)


Options are :

  • Client Subnet
  • AAA User (Correct)
  • VPN Virtual Server (Correct)
  • AAA Group (Correct)

Answer : AAA User VPN Virtual Server AAA Group

When configuring an intranet application in proxy mode, which protocol must the administrator select?


Options are :

  • HTTP
  • FTP
  • UDP
  • TCP (Correct)

Answer : TCP

A public research university needs to provide remote access to the students in its distance learning program. Which Access Gateway 8.0 Enterprise Edition client should the Network Administrator deploy in order to ensure that every student is able to connect to the environment?


Options are :

  • Presentation Server
  • ActiveX Plug-in
  • Java Client (Correct)
  • Secure Access

Answer : Java Client

An administrator has been instructed to give a specific user in the Finance group, access to Engineering resources. Which level should the administrator assign the policy to when configuring access for this user?


Options are :

  • Organization
  • Group
  • Team
  • User (Correct)

Answer : User

Scenario: An administrator needs to bind a policy that changes specific configuration settings to certain users. To make the users' sign-on to intranet applications seamless, the administrator enables single sign-on within the profile of the policy. Which type of policy must the administrator use in order to complete the task?


Options are :

  • Session (Correct)
  • Authentication
  • Authorization
  • TCP Compression

Answer : Session

Scenario: A consultant is in charge of a new Access Gateway 8.0 Enterprise Edition deployment at a large customer site. The customer supplied the consultant with the internal Citrix Presentation Server 4.0 IP address of 10.165.30.12 for use when configuring the Access Gateway 8.0 Enterprise Edition appliance. What are two ways in which the Secure Ticket Authority server can be configured on Access Gateway 8.0 Enterprise Edition? (Choose two.)


Options are :

  • Select SSL VPN > Global > Secure Ticket Authority Servers section (Correct)
  • Bind the Secure Ticket Authority server to the VPN Virtual Server (Correct)
  • Select SSL VPN > Global >Intranet Domains section
  • Type add ns ip IP_ADDR -type Secure Ticket Authority

Answer : Select SSL VPN > Global > Secure Ticket Authority Servers section Bind the Secure Ticket Authority server to the VPN Virtual Server

1Y0-309 Citrix Access Gateway 8.0 Enterprise Edition Set 2

An administrator created a new VPN virtual server without binding any session policies to it. What is the default authorization action for users logging in to this VPN virtual server?


Options are :

  • DENY. This is the default behavior.
  • ALLOW. This is the default behavior. (Correct)
  • ALLOW. No session policy is bound to the virtual server.
  • DENY. No session policy is bound to the virtual server.

Answer : ALLOW. This is the default behavior.

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions