Free 1Y0-241 Sample Questions — Deploy and Manage Citrix ADC 13 with Traffic Management

Which two steps are necessary to configure global server load balancing (GSLB) service selection using content switching (CS)? (Choose two.)

• A. Bind the domain to the CS vServer instead of the GSLB vServer
• B. Configure CS policies that designate a load-balancing vServer as the target vServer
• C. Configure a CS vServer of target type GSLB
• D. Bind the GSLB domain to the GSLB vServer

A Citrix Administrator is creating a new SSL vServer and notices the ns_default_ssl_profile frontend SSL profile is automatically bound to the SSL vServer. Which two actions can the administrator perform to change or remove the ns_default_ssl_profile_frontend SSL profile once it is enabled? (Choose two.)

• A. Globally unbind the ns_default_ssl_profile_frontend SSL
• B. Unbind the default SSL profile and bind the newly created SSL profile
• C. Create a separate SSL profile
• D. Unbind the ns_default_ssl_profile_frontend SSL profile from the SSL vServer without binding a replacement SSL profile
• E. Globally disable the ns_default_ssl_profile_frontend SSL profile

Which profile can a Citrix Administrator create to configure a default profile that disables TLSv1?

• A. DTLS
• B. TCP
• C. SSL
• D. HTTP

Scenario: A Citrix Administrator suspects an attack on a load-balancing vServer (IP address 192.168.100.25). The administrator needs to restrict access to this vServer for 10 minutes. Which Access Control List (ACL) will accomplish this?

• A. add simpleacl rule1 DENY -srcIP 192.168.100.25 -TTL 600000
• B. add simpleacl rule1 DENY -srcIP 192.168.100.25 -TTL 600
• C. add ns acl rule1 DENY -destIP 192.168.100.25 -TTL 600000
• D. add ns acl rule1 DENY -destIP 192.168.100.25 -TTL 600

Scenario: Users are trying to access https://cs.mycompany.com, but are receiving the error below: HTTP 503 Service Unavailable - What can a Citrix Administrator change in the Citrix ADC configuration to fix this?

• A. Enable the content switching feature
• B. Disable the spillover redirect URL
• C. Bind a certificate
• D. Bind the default load-balancing vServer

Where do the monitor probes originate by default, after creating and correctly configuring a custom user monitor?

• A. MIP
• B. VIP
• C. SNIP
• D. NSIP

Which step can a Citrix Administrator take to use default compression policies?

• A. Select the compression algorithm (gzip/deflate/identity)
• B. Disable the Citrix ADC compression feature at a global level
• C. Enable compression on the associated bound services
• D. Bind the default compression policies to the vServer

Scenario: A Citrix Administrator installed the compression feature on the web servers. To offload the compression on the Citrix ADC, the administrator configured the Citrix ADC appliance to remove the ‘Accept Encoding’ header from all HTTP client requests. However, the administrator observes that data is NOT being compressed by the Citrix ADC, even though the ‘Accept Encoding’ header is being removed from all requests. What could be the cause of this issue?

• A. The rewrite policy is bound at an incorrect bind point
• B. The servers are automatically compressing all responses
• C. The compression policy needs to be reconfigured
• D. Servercmp is disabled on the Citrix ADC

Scenario: A Citrix Administrator is configuring a Citrix ADC high availability (HA) pair with an existing primary Citrix ADC with all resources configured. The administrator adds the secondary Citrix ADC in HA and discovers that the configuration on the existing primary was removed and is now the secondary Citrix ADC in the HA pair. Which two configurations could the administrator have used to prevent this from happening? (Choose two.)

• A. Set the primary Citrix ADC to stay primary in the Configure HA Node settings
• B. Set the secondary Citrix ADC to stay secondary in the Configure HA Node settings
• C. Enable HA monitoring on all secondary device interfaces
• D. Enable HA monitoring on all primary device interfaces

Which four authentication types can a Citrix Administrator use for Citrix ADC authentication, authorization, and auditing (AAA) multifactor authentication? (Choose four.)

• A. RADIUS
• B. OAuth
• C. FIDO2
• D. NTLM
• E. ADFS
• F. LDAP
• G. TACACS+

What is the effect of the `set cs vServer vServer-CS-1 -redirectURL http://www.newdomain.com/mysite/` command?

• A. If the vServer-CS-1 encounters a high connection rate, then users will be redirected to http://www.newdomain.com/mysite/
• B. If the status of vServer-CS-1 is DOWN, then users will be redirected to http://www.newdomain .com/mysite/
• C. All the requests to vServer-CS-1 will be redirected to http://www.newdomain.com/mysite/
• D. All the requests without URL path/mysite/ will be redirected to http://www.newdomain.com/mysite/

Scenario: A Citrix Administrator downloaded and deployed Citrix Application Delivery Management (ADM) in an environment consisting of six Citrix ADCs and 100 virtual servers. When viewing the Citrix ADM console, the administrator sees only 30 virtual servers. Why is the administrator unable to see all 100 virtual servers?

• A. The nsroot passwords are NOT the same across all the Citrix ADCs
• B. Citrix ADM is using a free license
• C. Additional Citrix ADM systems need to be deployed to see all virtual servers
• D. The Citrix ADC and Citrix ADM firmware versions are NOT the same

Scenario: A Citrix Administrator manages an environment that has a Citrix ADC high availability (HA) pair running on two MPX appliances. The administrator notices that the state of the secondary Citrix ADC is 'Unknown'. What is causing the secondary state to be 'Unknown'?

• A. The synchronization on the secondary appliance is disabled
• B. TCP port 22 is disabled between the primary and secondary ADCs
• C. The administrator made both Citrix ADCs primary
• D. The remote procedure call (RPC) nodes are incorrectly configured

Scenario: A Citrix Administrator configured a responder policy as follows: > add responder action Picture10Action redirect "\"http://\" + http.req.hostname + http.req.url + \"/picture10.html\"" -bypassSafetyCheck YES > add responder policy Picture10Policy "http.req.url.eq(\"/mywebsite\")" Picture10Action > bind responder global Picture10Policy 1 END -type OVERRIDE What will be the effect of this configuration?

• A. The URL http://www.mywebsite.com will be overwritten with /picture10.html.
• B. Clients accessing http://www.mywebsite.com/ will have /picture10 html appended to the URL
• C. Clients accessing http://www.mywebsite.com/picture10.html will be overwritten with http://www.mywebsite com/
• D. The file Picture10 will be downloaded to a local drive when directly accessing http://www.mywebsite.com/picture10.html.

Scenario: While attempting to access web server that is load balanced by a Citrix ADC using HTTPS, a user receives the message below: SSL/TLS error: You have not chosen to trust `Certificate Authority` the issuer of the server's security certificate. What can a Citrix Administrator do to prevent users from viewing this message?

• A. Ensure that users have the certificate's private key
• B. Ensure that users have the certificate's public key
• C. Ensure that the server certificate is linked to its respective intermediate and root certificates
• D. Ensure that users have the server certificate installed

Scenario: The Citrix Administrator of a Linux environment needs to load balance the web servers. Due to budget constraints, the administrator is NOT able to implement a full-scale solution. What can the administrator purchase and install to load balance the webservers?

• A. Citrix ADC MPX
• B. Citrix ADC VPX
• C. Citrix ADC SDX
• D. Citrix ADC CPX

Scenario: A Citrix Administrator executed the following commands on the Citrix ADC: > add policy dataset Admin_group ipv4 > bind policy dataset Admin_group 192.168.149.10 -index 11 > bind policy dataset Admin_group 192.168.149.39 -index 12 > bind policy dataset Admin_group 192.168.149.49 -index 13 > add responder policy POL_1 `!(CLIENT.IP.SRC.TYPECAST_TEXT_T.CONTAINS_ANY(\`Admin_group\`))` RESET > bind lb vServer lb_vsrv_www -policyName POL_1 -priority 100 -gotoPriorityExpression END -type REQUEST What will be the effect of these commands?

• A. Only users with a source IP address of 192.168.149.10, 192.168.149.39, or 192.168.149.49 will be allowed to connect to vServer lb_vsrv_www
• B. Only users with a source IP address of 192.168.149.10, 192.168.149.39, or 192.168.149.49 will be blocked when attempting to connect to vServer lb_vsrv_www
• C. Only users with a source IP address of 192.168.149.10 or 192.168.149.39 will be allowed to connect to vServer lb_vsrv_www
• D. All traffic from users with a source IP address of 192.168.149.10, 192.168.149.39, or 192.168.149.49 will be blocked through the Citrix ADC

Scenario: A Citrix Administrator configured a responder policy as follows: > add responder action Redirect_Act respondwith `DIAMETER.NEW_REDIRECT(\`aaa://host.example.com\`)` > add responder policy Redirect_Pol `diameter.req.avp(264).value.eq(\`host1.example.net\`)` Redirect_Act > bind lb vServer vs1 -policyName Redirect_Pol -priority 10 -type REQUEST What will be the effect of this configuration?

• A. Request originated from "host1.example.net" will be redirected to "host.example.com".
• B. Response originated from "host1.example.net" will be redirected to "host.example.com".
• C. Response originated from "host.example.net" will be redirected to "host1.example.com".
• D. Request originated from "host.example.net" will be redirected to "host1.example.com".

Scenario: A Citrix Administrator is concerned about the number of health checks the Citrix ADC is sending to backend resources. The administrator wants to find a way to remove health checks from specific bound services. How can the administrator accomplish this?

• A. Unbind the current monitor
• B. Use the no-monitor option
• C. Use service groups to minimize health checks
• D. Use reverse-condition monitoring

A Citrix Administrator needs to configure a rate-limiting policy setting DNS requests to a threshold of 1,000 per second. Which set of commands does the administrator need to run to correctly configure and enable this policy?

• A. > add stream selector DNSSelector1 client.udp.dns.domain > add ns limitIdentifier DNSLimitIdentifier1 -threshold 5 -timeSlice 1000 -selectorName DNSSelector1 > add dns policy DNSLimitPolicy1 " sys.check_limit(\"DNSLimitIdentifier1\")" -preferredLocation "North America.US.TX.Dallas.. " > bind dns global DNSLimitPolicy1 5
• B. > add stream selector DNSSelector1 client.udp.dns.domain > add ns limitIdentifier DNSLimitIdentifier1 -threshold 1000 -timeSlice 1000 -selectorName DNSSelector1 > add dns policy DNSLimitPolicy1 " sys check_limit(\"DNSLimitIdentifier1\")" -preferredLocation "North America.US.TX.Dallas.. " > bind dns global DNSLimitPolicy1 5
• C. > add stream selector DNSSelector1 client.udp.dns.domain > add ns limitIdentifier DNSLimitIdentifier1 -threshold 5 -timeSlice 1000 -selectorName DNSSelector1 > add dns policy DNSLimitPolicy1 " sys.check_limit(\"DNSLimitIdentifier1\")" -preferredLocation "North America.US.TX.Dallas.. "
• D. > add stream selector DNSSelector1 client.udp.dns.domain > add ns limitIdentifier DNSLimitIdentifier1 -threshold 1000 -timeSlice 1000 -selectorName DNSSelector1 > add dns policy DNSLimitPolicy1 " sys check_limit(\"DNSLimitIdentifier1\")" -preferredLocation "North America.US.TX.Dallas.. "