Exambible 1Y0-351 Questions are updated and all 1Y0-351 answers are verified by experts. Once you have completely prepared with our 1Y0-351 exam prep kits you will be ready for the real 1Y0-351 exam without a problem. We have Far out Citrix 1Y0-351 dumps study guide. PASSED 1Y0-351 First attempt! Here What I Did.
Q97. Scenario: A network engineer would like to prevent blacklisted remote clients from accessing NetScaler hosted application services. An IP address blacklist database is maintained by an external company and available to query over the Internet. The engineer would like to reject any connections from IP addresses that are contained in the blacklist. What could the engineer configure to achieve this goal?
A. SSL offload
B. HTTP callout
C. URL transformation
D. SSL certification revocation list check
Answer: B
Q98. Which option needs to be set on the service in order to maintain the original client-IP to the backend service?
A. -cka yes
B. -usip yes
C. -cip disabled
D. -useproxyport yes
Answer: B
Q99. Scenario: A company has three HTTP servers that are load balanced using NetScaler. When users connect to the HTTP application they often receive inconsistent data or are advised that they need to log on again. Which step should the engineer take to correct this?
A. Remove Down State Flush.
B. Change the idle timeout value for the service.
C. Configure persistence with appropriate timeouts.
D. Change the global TCP Client Idle Time-Out value.
Answer: C
Q100. Company policy states that all passwords should travel the network in encrypted packets except SNMP. Which command should the network engineer execute to comply with this policy?
A. set ns ip 10.20.30.40 -ssh disabled -telnet disabled -gui enabled
B. set ns ip 10.20.30.40 -telnet disabled -gui secureonly -ftp disabled
C. set ns ip 10.20.30.40 -mgmtaccess disabled -restrictaccess enabled
D. set ns ip 10.20.30.40 -gui secureonly -ssh enabled -restrictaccess enabled
Answer: B
Q101. A company has an external-facing web application that requires end-to-end encryption and Layer-7 functionality. Which protocol type would an engineer choose for the virtual server and service?
A. SSL
B. SSL_TCP C. SSL_PUSH
D. SSL_BRIDGE
Answer: B
Q102. An end user is receiving authentication errors when accessing a load-balancing virtual server that uses Authentication, Authorization and Access (AAA)-TM. Which shell command should a NetScaler Engineer execute to show AAA events in real time to help diagnose this issue?
A. tail /tmp/aaad.debug
B. cat /tmp/aaad.debug
C. grep aaa /tmp/nskrb.debug
D. egrep aaa /tmp/pitboss.debug
Answer: B
Q103. Scenario: A pair of NetScaler devices have recently been installed into the corporate DMZ. The Netscalers have been installed in two-arm mode, with two interfaces in a Internet- facing VLAN and two interfaces in the internal VLAN. A private management subnet also exists. The NetScaler engineer would like to secure and restrict communication between the management subnet and the SNIP address on that subnet. Which two actions could the engineer take to help with these goals? (Choose two.)
A. Apply an ACL on the specified SNIP.
B. Remove the ACL list to the internal VLAN.
C. Remove the NSIP address from the Netscaler.
D. Configure the SNIP with the -gui SECUREONLY option.
Answer: A, D
Q104. Which NetScaler feature would a NetScaler Engineer configure to allow users from a certain IP range to have access to a special Web portal?
A. Load Balancing
B. Content Filtering
C. Global Server Load Balancing
D. Content Switching
Answer: D