1Y0-309 Citrix Access Gateway 8.0 Enterprise Edition Test Set 2

Scenario: An administrator has created a few personal folder files (*.PST) on the system when accessing Outlook over the VPN session. The administrator wants to delete these *.PST files created after logging out of the VPN session. How must the administrator configure client side cleanup to meet the above requirements?


Options are :

  • Configure it to clean up temporary files.
  • Configure it to clean up application data. (Correct)
  • Configure it to clean up cookies.
  • Configure it to clean up the address bar.

Answer : Configure it to clean up application data.

When configuring SmartAccess integration, an administrator must ensure that which listed policy or filter is set up correctly in order for the policy to be applied on Presentation Server?


Options are :

  • The policy name on the Access Gateway appliance must match the filter name that is bound to the policy that is being applied to the Presentation Server hosted application. (Correct)
  • The Presentation Server policy must be applied to one of the authenticating user groups.The Presentation Server policy must be applied to one of the authenticating user? groups
  • The policy name on the Access Gateway appliance must match the policy name on the Presentation Server.
  • The filter name that is bound to the Presentation Server policy must match the name of the SSL VPN virtual server.

Answer : The policy name on the Access Gateway appliance must match the filter name that is bound to the policy that is being applied to the Presentation Server hosted application.

Citrix 1Y0-614 Access Suite 4.0 Design Practice Exam Set 2

Which two policies constitute SmartAccess functionality on Access Gateway 8.0 Enterprise Edition? (Choose two.)


Options are :

  • Pre-Authentication (Correct)
  • Authorization
  • Session (Correct)
  • Traffic

Answer : Pre-Authentication Session

An IT organization has a client certificate configured. The administrator did not enable the cleanup client certificate option. The administrator decided not to prompt a user with the Windows cleanup dialog box. Will the cleanup client certificate be installed in Internet Explorer after logout?


Options are :

  • Yes, client cleanup code will do it.
  • Yes, Windows Client cleanup does the cleanup work even though it is not configured
  • Yes, the user has a chance to click on client cleanup windows to cleanup the client certificate.
  • No, the SSL client certificate needs manual cleanup. (Correct)

Answer : No, the SSL client certificate needs manual cleanup.

Which option must an administrator select for intranet IP to ensure that the mapped IP is used when the appliance runs out off intranet IPs to assign to new users?


Options are :

  • SPILLOVER (Correct)
  • OFF
  • ON
  • NOSPILLOVER

Answer : SPILLOVER

Citrix 1Y0-731 Netscaler 8.0 Administration Practice Exam Set 2

When creating a Web Interface site for use with Access Gateway 8.0 Enterprise Edition, which mode of access or authentication should be specified for the Web Interface site?


Options are :

  • Advanced Access Control (Correct)
  • SmartAccess Control
  • Explicit authentication
  • Pass-through authentication

Answer : Advanced Access Control

Can a user apply themes using the Portal Administrator Tool to change the logo, banner, icon, font, color and layout settings of their portal page?


Options are :

  • No. The Portal Administrator Tool does not have this capability.
  • Yes. The user can do it after the administrator enables it. (Correct)
  • Yes. The user can always do it without administrator permission.
  • No. Only the administrator has the right to do so

Answer : Yes. The user can do it after the administrator enables it.

An administrator configuring Access Gateway 8.0 Enterprise Edition wants to use a private key type that is used by Access Gateway 8.0 Enterprise Edition for encryption services. Which private key type should the administrator select from the "Choose private key type" drop-down list in the SSL VPN "Certificate Wizard" to meet this requirement?


Options are :

  • DSA
  • 3DES
  • DER
  • RSA (Correct)

Answer : RSA

Citrix 1Y0-731 Netscaler 8.0 Administration Practice Exam Set 3

What is true about double-source authentication?


Options are :

  • It uses two separate user names and the same password for the primary and secondary nodes.
  • It uses the same user name and password for both the primary and the secondary nodes.
  • It uses two separate user names and passwords, one for the primary node and one for the secondary node.
  • It uses the same user name and two separate passwords for the primary and secondary nodes. (Correct)

Answer : It uses the same user name and two separate passwords for the primary and secondary nodes.

An IT organization has an internal portal page. Which Access Gateway 8.0 Enterprise Edition command should be used to load that internal portal page by default after a successful login?


Options are :

  • set vpn param -homepage "/vpns/internalportalpage.html"
  • set vpn -homepage http://portalpage_internal.company.com/
  • set vpn param -homepage http://internalportalpage.company.com/ (Correct)
  • set vpn -homepage "/vpns/internalportalpage.html"

Answer : set vpn param -homepage http://internalportalpage.company.com/

When configuring a Web Interface site for SmartAccess, without the full VPN client OR with Access Gateway 8.0 Enterprise Edition replacing Secure Gateway proxy, which mode of access should be configured in the "Edit DMZ Settings" portion of the Access Management Console?


Options are :

  • Direct
  • Gateway Direct (Correct)
  • Gateway Translated
  • Translated

Answer : Gateway Direct

Citrix 1Y0-351 NetScaler 10.5 Essentials and Networking Exam Set 6

Scenario: An administrator needs to configure an audit policy that will log major errors on the Access Gateway appliance as well as problems that might cause the Access Gateway appliance to function incorrectly, but which are not critical to its operation. Which two options need to be selected in the log level to configure the audit policy to meet these requirements? (Choose two.)


Options are :

  • Alert (Correct)
  • Emergency
  • Warning (Correct)
  • Notice

Answer : Alert Warning

An administrator wants to provide access to published applications that are hosted on Presentation Server only, without requiring the use of a VPN client. How can this functionality be implemented?


Options are :

  • Enable SmartAccess with ICA proxy
  • Enable Session Reliability on Web Interface
  • Enable the ICA proxy feature (Correct)
  • Enable single sign-on

Answer : Enable the ICA proxy feature

Secure Access Client needs root privileges to do which two things? (Choose two.)


Options are :

  • For Endpoint Analysis checks that require administrative privileges (Correct)
  • To be installed (Correct)
  • For upgrading or downgrading itself
  • To provide basic VPN tunneling functionality

Answer : For Endpoint Analysis checks that require administrative privileges To be installed

Citrix 1Y0-351 NetScaler 10.5 Essentials and Networking Exam Set 10

An administrator just configured a client security check using this expression: CLIENT.OS(Windows XP Pro).SP == 2 -frequency 2 What does the "2 -frequency 2" portion of this expression indicate?


Options are :

  • To check for Service Pack 2 and run every 2 hours
  • To check for two hotfixes and run every 2 minutes
  • To check for two hotfixes and run every 2 hours
  • To check for Service Pack 2 and run every 2 minutes (Correct)

Answer : To check for Service Pack 2 and run every 2 minutes

What is responsible for performing the client side decompression for HTTP/Web response compression for the Access Gateway 8.0 Enterprise Edition appliance?


Options are :

  • Web browser (Correct)
  • Presentation Server client
  • Java Client
  • JavaScript

Answer : Web browser

In the Policy Precedence Model for Access Gateway 8.0 Enterprise Edition what is prioritized, evaluated and enforced?


Options are :

  • Profiles of different types
  • Policies of different types
  • Policies of the same type (Correct)
  • Profiles of the same type

Answer : Policies of the same type

Citrix 1Y0-351 NetScaler 10.5 Essentials and Networking Exam Set 10

Which pre-authentication expression must be used if an administrator needs to indicate that Symantec version 7.5 or McAfee version 11 is running and Trend Micro version 8.0 is not running?


Options are :

  • (av_5_Symantec_7_5 && av_5_McAfeevirusscan_11) || CLIENT.APPLICATION.AV(Trend Micro).VERSION != 8.0
  • av_5_Symantec_7_5 || av_5_McAfeevirusscan_11 && CLIENT.APPLICATION.AV(Trend Micro).VERSION != 8.0
  • av_5_Symantec_7_5 && av_5_McAfeevirusscan_11 || CLIENT.APPLICATION.AV(Trend Micro).VERSION != 8.0
  • (av_5_Symantec_7_5 || av_5_McAfeevirusscan_11) && CLIENT.APPLICATION.AV(Trend Micro).VERSION != 8.0 (Correct)

Answer : (av_5_Symantec_7_5 || av_5_McAfeevirusscan_11) && CLIENT.APPLICATION.AV(Trend Micro).VERSION != 8.0

Which policy must be used to set the application timeout?


Options are :

  • Session
  • Traffic (Correct)
  • Authorization
  • Authentication

Answer : Traffic

The following configuration is set on the Access Gateway 8.0 Enterprise Edition appliance: >global default authorization ALLOW >Authorization policy "FSpol1" "FS.COMMAND == login && FS.USER == ALICE" DENY >Authorization policy "FSpol2" "(FS.COMMAND == put || FS.COMMAND == mkdir) && FS.SERVER == 10.10.2.10" DENY >Authorization policy "FSpol3" "FS.FILESIZE >1024" DENY >add aaa user Alice >add aaa user Bob >add aaa user Joe >bind aaa user Alice -policy FSpol1 >bind aaa user Bob -policy FSpol2 >bind aaa user Bob -policy FSpol3 Which of the following two statements can be accomplished? (Choose two.)


Options are :

  • Bob logged into the VPN successfully, logged into File System server 10.10.2.11 and downloaded a file of size 500 Bytes (Correct)
  • Alice logged into the VPN successfully and logged into the File System server 10.10.2.11
  • Joe logged into the VPN successfully and logged into the File System server 10.10.2.10 (Correct)
  • Bob logged into the VPN successfully, logged into the File System server 10.10.2.10 and created a new directory

Answer : Bob logged into the VPN successfully, logged into File System server 10.10.2.11 and downloaded a file of size 500 Bytes Joe logged into the VPN successfully and logged into the File System server 10.10.2.10

Citrix 1Y0-614 Access Suite 4.0 Design Practice Exam Set 5

Scenario: A major technology company wants to upgrade their current Access Gateway deployment to ensure that it meets their growing remote access needs as they acquire new companies. Currently, the company is supporting nearly 3,000 concurrent users on their existing SSL VPN. Due to a recently-completed merger, the company expects the concurrent user sessions through Access Gateway to increase by 40% over the next year. Which Access Gateway 8.0 Enterprise Edition appliance platform handles the most concurrent user traffic and would be appropriate for this company?


Options are :

  • 7000 series
  • 12000 series
  • 10000 series (Correct)
  • 2000 series

Answer : 10000 series

Citrix 1Y0-327 Password Manager 4.5 Administration Test Set 5

An administrator created a new VPN virtual server without binding any session policies to it. What is the default authorization action for users logging in to this VPN virtual server?


Options are :

  • DENY. This is the default behavior.
  • ALLOW. This is the default behavior. (Correct)
  • DENY. No session policy is bound to the virtual server.
  • ALLOW. No session policy is bound to the virtual server.

Answer : ALLOW. This is the default behavior.

Scenario: A company is upgrading its current access infrastructure. The Network Administrator has been instructed to configure Access Gateway 8.0 Enterprise Edition to replace Secure Gateway in the environment, so that authentication is disabled on the Access Gateway appliance, and Web Interface is configured in Direct Mode with authentication responsibilities. Which two settings should the administrator configure in order to meet these requirements? (Choose two.)


Options are :

  • Set the FQDN of the Web Interface site as the FQDN of the Access Gateway appliance.
  • Enable ICA proxy on the Access Gateway appliance. (Correct)
  • Set the Web Interface site as the Access Gateway home page. (Correct)
  • Enable authentication on the Secure Ticket Authority.

Answer : Enable ICA proxy on the Access Gateway appliance. Set the Web Interface site as the Access Gateway home page.

Scenario: An administrator wants users to be able to access back-end resources running on file servers and application servers in an environment. The administrator has Access Gateway 8.0 Enterprise Edition deployed, and the Secure Access client is used to establish VPN tunnels to the corporate network. There are no intranet applications configured in this environment, and split tunneling is turned off. Which two statements are true regarding why users in this environment will be able to access applications on file and application servers? (Choose two.)


Options are :

  • Users will be able to access file and application servers as long as an authorization policy is configured to allow them access to resources on the file and application servers (Correct)
  • Users will be able to access file and application servers as long as they can authenticate through the VPN. (Correct)
  • Users will be able to access file and application servers because the back-end resources have been assigned specific intranet IP addresses.
  • Users will be able to access file and application servers because the back-end resources in this environment have been configured as published applications.

Answer : Users will be able to access file and application servers as long as an authorization policy is configured to allow them access to resources on the file and application servers Users will be able to access file and application servers as long as they can authenticate through the VPN.

1Y0-264 Citrix Presentation Server 4.5 Support Practice Test Set 4

Which two parameters must be configured within the Access Gateway 8.0 Enterprise Edition Global Authentication RADIUS settings or RADIUS Authentication Server settings in order to extract groups from a RADIUS server? (Choose two.)


Options are :

  • Login Name
  • Search Filter
  • RADIUS Group Vendor ID (Correct)
  • Group Attribute Type (Correct)

Answer : RADIUS Group Vendor ID Group Attribute Type

A public research university needs to provide remote access to the students in its distance learning program. Which Access Gateway 8.0 Enterprise Edition client should the Network Administrator deploy in order to ensure that every student is able to connect to the environment?


Options are :

  • Presentation Server
  • ActiveX Plug-in
  • Java Client (Correct)
  • Secure Access

Answer : Java Client

Scenario: Currently an administrator is using an administration audit policy that has been configured to display more information in the audit log. The IT Manager has requested that the administrator modifies the audit policy to just display potential issues that may result in an error or critical error. Which option(s) must the administrator check in the audit policy to meet this new requirement?


Options are :

  • Notice and Warning
  • Emergency, Alert, Critical, Error and Warning (Correct)
  • Alert, Critical and Notice
  • Warning

Answer : Emergency, Alert, Critical, Error and Warning

Scenario: There are six administrators in an Access Gateway 8.0 Enterprise Edition environment. Some of them need full system privileges as the nsroot user. A few of them need limited privileges based on their daily duties. The Senior Administrator for the environment wants to give two of the Junior Administrators "allow read only access" to all show commands except for the system command group and the ns.conf show commands. The Senior Administrator also wants to allow the Junior Administrators access to enable and disable commands on services. Which built-in command policy or administrative privileges should the Senior Administrator assign to the two Junior Administrators?


Options are :

  • Network
  • Operator (Correct)
  • Superuser
  • Read-Only

Answer : Operator

Scenario: A consultant is in charge of a new Access Gateway 8.0 Enterprise Edition implementation at a large customer site and must address the following security requirements: Requirements: 1)If APP1.EXE is running on the local machine, do not allow access to the VPN authentication page 2)If APP2.EXE is running on the local machine, allow access to the VPN authentication page after CMD.EXE is closed 3)If APP3.EXE is not found on the local machine, allow access to the VPN authentication page Which policy type must be used to configure these security requirements?


Options are :

  • Authorization
  • Pre-Authentication (Correct)
  • Traffic
  • Authentication

Answer : Pre-Authentication

When creating the server certificate for an Access Gateway 8.0 Enterprise Edition virtual server in ICA Proxy mode, the Common Name (CN) should match that of the FQDN of the______. (Choose the correct option to complete the sentence.)


Options are :

  • Secure Ticket Authority server
  • Presentation Server
  • Web Interface server
  • VPN virtual server (Correct)

Answer : VPN virtual server

Citrix 1Y0-351 NetScaler 10.5 Essentials and Networking Exam Set 6

Comment / Suggestion Section
Point our Mistakes and Post Your Suggestions