1Y0-309 Citrix Access Gateway 8.0 Enterprise Edition Test Set 1

Which option in the Configuration Utility allows an administrator to limit the number of users who can log in to an Access Gateway 8.0 Enterprise Edition environment?


Options are :

  • Select Systems > Virtual Servers > Policies, Maximum Users
  • Select SSL VPN > Global > Authentication settings, Maximum number of users (Correct)
  • Select SSL VPN > Virtual Servers, Maximum Users
  • Select Systems > Connections > Authentication settings, Maximum number of users

Answer : Select SSL VPN > Global > Authentication settings, Maximum number of users

Citrix 1Y0-371 Designing Deploying Managing Citrix Exam Set 1

Scenario: An administrator wants to ensure that whenever VPN users try to access corporate network resources and servers by name, the name of those resources and servers resolve to the IP addresses in the corporate network. What are two ways the administrator can configure settings to meet the needs of this environment? (Choose two.)


Options are :

  • Set split tunneling to OFF (Correct)
  • Configure an intranet application and set split tunneling to OFF
  • Set split tunneling to ON and DNS to Remote (Correct)
  • Configure an intranet IP address and set split tunneling to OFF

Answer : Set split tunneling to OFF Set split tunneling to ON and DNS to Remote

Scenario: A consultant is in charge of a new Access Gateway 8.0 Enterprise Edition deployment at a large customer site. The customer requires that the time zone on the appliance be set to Eastern Standard Time (EST). Which statement is true about the time zone on the Access Gateway 8.0 Enterprise Edition appliance?


Options are :

  • The time zone of the appliance must match the time zone of the Web Interface server, if the virtual server is in ICA Proxy mode.
  • The time zone setting on the appliance can be changed using the nsconfig utility. (Correct)
  • The time zone setting updates automatically
  • The time zone configured on the appliance is inherited automatically by any policies set on the appliance

Answer : The time zone setting on the appliance can be changed using the nsconfig utility.

Which Access Gateway 8.0 Enterprise Edition policy would an administrator use to configure split tunneling?


Options are :

  • Session (Correct)
  • Authorization
  • Traffic
  • Authentication

Answer : Session

Citrix 1Y0-614 Access Suite 4.0 Design Practice Exam Set 4

When creating the server certificate for an Access Gateway 8.0 Enterprise Edition virtual server in ICA Proxy mode, the Common Name (CN) should match that of the FQDN of the______. (Choose the correct option to complete the sentence.)


Options are :

  • Secure Ticket Authority server
  • VPN virtual server (Correct)
  • Web Interface server
  • Presentation Server

Answer : VPN virtual server

Scenario: Currently an administrator is using an administration audit policy that has been configured to display more information in the audit log. The IT Manager has requested that the administrator modifies the audit policy to just display potential issues that may result in an error or critical error. Which option(s) must the administrator check in the audit policy to meet this new requirement?


Options are :

  • Alert, Critical and Notice
  • Warning
  • Emergency, Alert, Critical, Error and Warning (Correct)
  • Notice and Warning

Answer : Emergency, Alert, Critical, Error and Warning

Which policy must an administrator configure to ensure that every user device has personal firewall software installed and running before they connect to the network?


Options are :

  • Session (Correct)
  • Traffic
  • Authorization
  • Authentication

Answer : Session

Citrix 1Y0-327 Password Manager 4.5 Administration Test Set 1

In which three areas can an administrator enable single sign-on for VPN users? (Choose three.)


Options are :

  • In each user account
  • Inside a traffic profile (Correct)
  • In the SSL VPN global settings (Correct)
  • Inside a session profile (Correct)

Answer : Inside a traffic profile In the SSL VPN global settings Inside a session profile

Which feature or option must be configured when split tunneling is set to "ON"? A.Bookmark B.Intranet application C.Authorization policy D.Authentication policy Which feature or option must be configured when split tunneling is set to "ON"?


Options are :

  • Bookmark
  • Authentication policy
  • Intranet application (Correct)
  • Authorization policy

Answer : Intranet application

Scenario: A company currently has Secure Gateway in its environment. The company has been undergoing major expansions, and the number of employees has grown by 60% over the past three years. Recently, the company acquired a new company and is planning on integrating that company into its environment. Because of the growing number of employees, more servers and rack space are being consumed to support the growing user traffic. Which Access Gateway 8.0 Enterprise Edition deployment type would meet the needs of this environment?


Options are :

  • Access Gateway in VPN mode
  • Access Gateway in Presentation Server mode
  • Access Gateway in Web Interface mode
  • Access Gateway in Secure Gateway mode (Correct)

Answer : Access Gateway in Secure Gateway mode

Citrix 1Y0-327 Password Manager 4.5 Administration Test Set 3

An administrator wants to configure an IP address that will be used by the Access Gateway appliance as a source IP address to connect to internal servers on the corporate network. Which IP type must be configured by the administrator?


Options are :

  • Global Server Load Balancing site IP
  • Mapped IP (Correct)
  • Virtual IP
  • NetScaler IP

Answer : Mapped IP

An administrator is concerned that the default Access Gateway password for an appliance in the first DMZ has been compromised, so the default password needs to be changed. The administrator should connect to the appliance to change the nsroot password through ______. (Choose the correct option to complete the sentence.)


Options are :

  • SSH
  • the Configuration Utility
  • Telnet
  • a serial port (Correct)

Answer : a serial port

Scenario: An administrator needs to configure Access Gateway in order to replace the current Secure Gateway implementation in an environment. The administrator decides to configure the initial IP settings through a command line interface. Which command should the administrator use to configure the mapped IP address for this environment?


Options are :

  • add ns ip -type mip (Correct)
  • add ns ip -type snip
  • add ns ip -type ip
  • add ns ip -type nsip

Answer : add ns ip -type mip

Citrix 1Y0-614 Access Suite 4.0 Design Practice Exam Set 2

Which command should an administrator use when setting up the network configurations on an individual appliance that will be used in a HA pair?


Options are :

  • config ns (Correct)
  • config ag
  • config BSD
  • config t

Answer : config ns

Scenario: An administrator configuring authorization rules wants to simplify the process by leveraging Access Gateway 8.0 Enterprise Edition. The administrator wants to extract groups to which a user belongs to, as part of the authentication process from the external authentication servers in the environment. Which two external authentication servers can be leveraged when configuring authorization for users in an Access Gateway 8.0 Enterprise Edition deployment? (Choose two.)


Options are :

  • LDAP (Correct)
  • TACACS
  • NT4
  • RADIUS (Correct)

Answer : LDAP RADIUS

When accessing an intranet site through Access Gateway 8.0 Enterprise Edition, which mechanism will load with a list of pre-configured resource IP addresses and port numbers?


Options are :

  • JavaScript
  • ActiveX Plug-in
  • Presentation Server Client
  • Java Client (Correct)

Answer : Java Client

Citrix 1Y0-351 NetScaler 10.5 Essentials and Networking Exam Set 4

An administrator is configuring remote access to applications through the VPN for specific users. All of the applications require a unique source IP address to access back-end resources. Which type of IP address should the administrator assign to these applications in order to ensure that they are accessible to the users?


Options are :

  • Intranet (Correct)
  • SNIP
  • NSIP
  • MIP

Answer : Intranet

Which three pieces of information are logged by the Access Gateway 8.0 Enterprise Edition appliance in its audit logs? (Choose three.)


Options are :

  • Individual user's Login/Logout, Group membership and Authentication failure log records (Correct)
  • Individual user's HTTP request, TCP connection and UDP flow statistics (Correct)
  • Individual user's ICMP flow statistics and Authorization failure log records
  • Individual group's Login/Logout statistics and Authentication failure log records
  • System status events (for example: device up/down) and Configuration events log records (Correct)

Answer : Individual user's Login/Logout, Group membership and Authentication failure log records Individual user's HTTP request, TCP connection and UDP flow statistics System status events (for example: device up/down) and Configuration events log records

Scenario: An administrator wants users to be able to access back-end resources running on file servers and application servers in an environment. The administrator has Access Gateway 8.0 Enterprise Edition deployed, and the Secure Access client is used to establish VPN tunnels to the corporate network. There are no intranet applications configured in this environment, and split tunneling is turned off. Which two statements are true regarding why users in this environment will be able to access applications on file and application servers? (Choose two.)


Options are :

  • Users will be able to access file and application servers because the back-end resources in this environment have been configured as published applications.
  • Users will be able to access file and application servers because the back-end resources have been assigned specific intranet IP addresses.
  • Users will be able to access file and application servers as long as they can authenticate through the VPN. (Correct)
  • Users will be able to access file and application servers as long as an authorization policy is configured to allow them access to resources on the file and application servers. (Correct)

Answer : Users will be able to access file and application servers as long as they can authenticate through the VPN. Users will be able to access file and application servers as long as an authorization policy is configured to allow them access to resources on the file and application servers.

Citrix 1Y0-371 Designing Deploying Managing Citrix Exam Set 3

Scenario: Dual authentication is configured on the Access Gateway 8.0 Enterprise Edition appliance. The appropriate group extraction configuration is configured on both the primary and secondary authentication servers, and a VPN user named "jdoe" exists on both authentication servers. How will groups be extracted for VPN user "jdoe"?


Options are :

  • Only the groups from the primary authentication server will be extracted and matched to the group names configured on the secondary authentication server.
  • The applicable groups from both the primary and secondary authentication servers will be extracted and matched to the group names configured on the appliance. (Correct)
  • Only the groups in the secondary authentication server will be extracted and matched to the group names configured on the primary authentication server.
  • The groups to be extracted will be chosen by the administrator.

Answer : The applicable groups from both the primary and secondary authentication servers will be extracted and matched to the group names configured on the appliance.

An administrator created a new VPN virtual server without binding any session policies to it. What is the default authorization action for users logging in to this VPN virtual server?


Options are :

  • ALLOW. This is the default behavior. (Correct)
  • DENY. This is the default behavior.
  • ALLOW. No session policy is bound to the virtual server.
  • DENY. No session policy is bound to the virtual server.

Answer : ALLOW. This is the default behavior.

An administrator needs to configure Access Gateway 8.0 Enterprise Edition to send the Access Gateway IP address to the RADIUS server as part of the RADIUS protocol. Which RADIUS parameter should the administrator configure on the Access Gateway 8.0 Enterprise Edition appliance to meet this requirement?


Options are :

  • Server Identifier
  • Network Access Server (NAS) Identifier
  • Server Loop Back IP Address
  • Network Access Server (NAS) IP Address (Correct)

Answer : Network Access Server (NAS) IP Address

Citrix 1Y0-351 NetScaler 10.5 Essentials and Networking Exam Set 8

Scenario: A Network Administrator needs to configure access to published resources in a farm for Presentation Server, through Access Gateway. The administrator has been instructed to implement Access Gateway as a replacement for the current Secure Gateway deployment without SmartAccess. Which three settings does the administrator need to implement to meet these requirements? (Choose three.)


Options are :

  • Set ICA Proxy to ON (Correct)
  • Set NT Domain
  • Set the Access Gateway home page to the Web Interface URL (Correct)
  • Configure the Secure Ticket Authority server (Correct)

Answer : Set ICA Proxy to ON Set the Access Gateway home page to the Web Interface URL Configure the Secure Ticket Authority server

Which interception mode must an administrator use when configuring intranet applications for an environment in which the Java Client will be used?


Options are :

  • Reverse
  • Proxy (Correct)
  • Transparent
  • VPN

Answer : Proxy

Scenario: A consultant is in charge of a new Access Gateway 8.0 Enterprise Edition deployment at a large customer site. The customer gave the consultant the following information and IP addresses to use when configuring the Access Gateway 8.0 Enterprise Edition appliance: Internal Citrix Presentation Server 4.0 IP address: 192.168.100.12 Time Zone to be used: Eastern Standard Time (EST) IP addresses to use when configuring the Access Gateway 8.0 Enterprise Edition deployment NSIP: 10.165.30.45 MIP: 10.165.30.60 VIP: 12.15.30.62 Which two configuration options could be configured on the Access Gateway 8.0 Enterprise Edition appliance in order to communicate with the Citrix Presentation Server? (Choose two.)


Options are :

  • Subnet IP in the 192.168.100.x subnet (Correct)
  • Static Route to the 192.168.100.x subnet (Correct)
  • Virtual Server in the 192.168.100.x subnet
  • Intranet IP in the 192.168.100.x subnet

Answer : Subnet IP in the 192.168.100.x subnet Static Route to the 192.168.100.x subnet

Citrix 1Y0-327 Password Manager 4.5 Administration Exam Set 6

Is the bookmark feature on the portal page the same as the Internet Explorer Favorite feature?


Options are :

  • They are not the same. Bookmarks on the portal page can be used to bookmark not only URLs but also the CIFS file server. (Correct)
  • They are not the same because users can delete universal bookmarks configured by the administrator.
  • They are exactly the same because both can be used to remember a URL
  • They are the same. The Portal page bookmark can be used to launch applications, which is the same as Web Interface for Presentation Server.

Answer : They are not the same. Bookmarks on the portal page can be used to bookmark not only URLs but also the CIFS file server.

Citrix 1Y0-992 Meta Frame Presentation Server Feature Exam Set 2

How can the Secure Access Client be removed from a device?


Options are :

  • Double click the Secure Access Client from the Windows Task Manager.
  • Right click the Secure Access Client icon in the system tray and choose the "Uninstall" menu option.
  • Programs>Citrix Access Gateway Enterprise Edition>Uninstall Secure Access Client
  • Settings>Control Panel>Add/Remove Programs, and select "Citrix Access Gateway Enterprise Edition" (Correct)

Answer : Settings>Control Panel>Add/Remove Programs, and select "Citrix Access Gateway Enterprise Edition"

An administrator has just configured an intranet application in an Access Gateway 8.0 Enterprise Edition deployment. What must the administrator do to make it work?


Options are :

  • Bind it to a policy
  • Bind it to a virtual server. (Correct)
  • Apply it to a farm.
  • Apply it to a profile.

Answer : Bind it to a virtual server.

Will the client cleanup feature clean any data before the SSL VPN session begins?


Options are :

  • Yes. Access Gateway 8.0 Enterprise Edition kills existing connections, so all data will be lost
  • No. Client cleanup will not delete any Internet Explorer temporary files.
  • No. Client cleanup will not clean up any data before the SSL VPN session begins. (Correct)
  • Yes. Client cleanup cleans up data regularly during the SSL VPN session.

Answer : No. Client cleanup will not clean up any data before the SSL VPN session begins.

Citrix 1Y0-614 Access Suite 4.0 Design Practice Exam Set 2

How can an administrator disable the SSL warning message?


Options are :

  • Select SSL VPN global settings > Client Experience Advanced > Client Options, deselect SSL warning message
  • Select SSL VPN global settings > Security Settings Advanced > Client Security, enable SSL warning message
  • Select SSL VPN global settings > Client Experience Advanced > General, deselect SSL warning message
  • The SSL warning message cannot be disabled in the Configuration Utility (Correct)

Answer : The SSL warning message cannot be disabled in the Configuration Utility

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions