Our pass rate is high to 98.9% and the similarity percentage between our 1Y0-351 study guide and real exam is 90% based on our seven-year educating experience. Do you want achievements in the Citrix 1Y0-351 exam in just one try? I am currently studying for the Citrix 1Y0-351 exam. Latest Citrix 1Y0-351 Test exam practice questions and answers, Try Citrix 1Y0-351 Brain Dumps First.
Q17. Scenario: A NetScaler appliance currently has a manually configured channel containing four interfaces; however, the engineer has been told that the NetScaler must now only use a single interface for this network. The engineer removes the channel and immediately notices a decrease in network performance. How could the engineer resolve this issue?
A. Reset the unused interfaces
B. Disable the unused interfaces
C. Enable flow control on all interfaces
D. Disable HA monitoring on the three interfaces that are no longer required
Answer: B
Q18. Scenario: NetScaler is configured with a Subnet IP (SNIP) 192.168.1.10/24 on VLAN 1 and a SNIP 172.168.1.50/24 on VLAN 100. VLAN 100 has been properly associated with interface 1/1 and SNIP 172.168.1.50. A user on VLAN 100 is attempting to access a virtual server on
192.168.1.25 and NOT getting a response. After troubleshooting the network, an engineer identifies that asymmetric packet flows are NOT using the right interfaces on the return path to the client. Which NetScaler setting must be enabled to avoid this behavior?
A. Layer 3 Mode
B. Layer 2 Mode
C. Direct Route Advertisement
D. MAC-based forwarding (MBF)
Answer: D
Q19. Scenario: A NetScaler Engineer is configuring a NetScaler that has three interfaces. The first interface is connected to the internal network, the second interface is connected to the DMZ1- network, and the third interface is connected to the DMZ2-network.
DMZ1 and DMZ2 networks are behind different firewalls, and both firewalls are sending traffic through network address translation (NAT) to the DMZ networks.
The default route is to the gateway on the DMZ1-network. DMZ1: 10.10.10.0/24 (Gateway: 10.10.10.1)
DMZ2: 10.20.20.0/24 (Gateway: 10.20.20.1)
Internal: 192.168.0.0/24 (Gateway: 192.168.0.1)
Internet traffic reaches the virtual servers located in DMZ1 but NOT the virtual servers located in DMZ2. Which policy-based route (PBR) would resolve the issue?
A. add ns pbr PBR1 ALLOW -srcIP = 10.20.20.0-10.20.20.255 -destIP != 10.20.20.0-
10.20.20.255 -nextHop 10.10.10.1 -priority 10
B. add ns pbr PBR1 ALLOW -srcIP != 10.20.20.0-10.20.20.255 -destIP = 10.20.20.0-
10.20.20.255 -nextHop 10.20.20.1 -priority 10
C. add ns pbr PBR1 ALLOW -srcIP = 10.20.20.0-10.20.20.255 -destIP != 10.20.20.0-
10.20.20.255 -nextHop 10.20.20.1 -priority 10
D. add ns pbr PBR1 ALLOW -srcIP != 10.20.20.0-10.20.20.255 -destIP != 10.20.20.0-
10.20.20.255 -nextHop 10.10.10.1 -priority 10
Answer: C
Q20. Scenario: An engineer has been asked to implement load balancing of an existing unsecured web application. The engineer needs to ensure that users will access the web application using HTTPS, but no changes can be made to the web servers hosting the web application. In order to fulfill the requirements, the engineer must create an service group and add members with port ; and bind the service group to an virtual server. (Choose the correct set of options to complete the sentence.)
A. SSL; 443; SSL
B. HTTP; 80; SSL
C. SSL; 80; HTTP
D. HTTPS; 443; HTTP
Answer: B
Q21. A NetScaler engineer generates a techsupport archive to be sent to Technical Support. Which three of the following pieces of information will be included in the archive file? (Choose three.)
A. Model Number
B. SSL Private Keys
C. Old Configuration Files
D. Hardware Boot sequence E. Webpage Customizations F. Certificate Revocation List
Answer: A, C, D
Q22. What should a network engineer do to prevent unauthorized users from using the root user account?
A. Reset the nsroot account.
B. Change the nsroot password.
C. Create an authorization policy.
D. Bind a policy to the root user account.
Answer: B
Explanation:
Changing the Password of the Default User Account The default user account provides complete access to all features of the Citrix SDX appliance. Therefore, to preserve security, the nsroot account should be used only when necessary, and only individuals whose duties require full access should know the password for the nsroot account. Citrix recommends changing the nsroot password frequently. If you lose the password, you can reset the password to the default by reverting the appliance settings to factory defaults.
You can change the password of the default user account in the Users pane. In the Users pane, you can view the following details:
Name Lists the user accounts configured on the SDX appliance. Permission Displays the permission level assigned to the user account.
To change the password of the default user account
On the Configuration tab, in the navigation pane, expand System, and then click Users. In the Users pane, click the default user account, and then click Modify.
In the Modify System User dialog box, in Password and Confirm Password, enter the password of your choice.
Click OK.
Q23. Scenario: A NetScaler Engineer is addressing an issue discovered during a vulnerability scan.
The security team is requiring that the engineer disable specific SSL ciphers on the SSL
VServer. Which two methods could the engineer use to meet this requirement? (Choose two.)
A. Modify the list of ciphers in the Default cipher group.
B. Change the list of bound ciphers on the VServer directly.
C. Enable Cipher Redirect on the VServer and configure OCSP.
D. Disable SSLv2 Redirect on the VServer and update the CRLs.
E. Un-assign the default group, create a custom cipher group and assign it to the VServer.
Answer: B, E
Q24. A network engineer wants to configure a NetScaler for load balancing Voice over IP traffic (VoIP). Which hash method is the best fit for VoIP traffic?
A. Call ID
B. Source IP
C. Destination IP
D. Domain name
Answer: A