Question 61
Scenario: A Citrix Architect and a team of Workspacelab members met to discuss a NetScaler design project.
They captured the following requirements from this design discussion:
* A pair of NetScaler MPX appliances will be deployed in the DMZ network.
* High Availability will be accessible in the NetScaler MPX in the DMZ Network.
* Load balancing should be performed for the internal network services like Microsoft Exchange Client Access Services and Microsoft App-V.
* The load balancing should be performed for StoreFront.
* The NetScaler Gateway virtual server will be utilizing the StoreFront load-balancing virtual server.
* The NetScaler Gateway virtual server and StoreFront.
* The NetScaler Gateway virtual service and StoreFront and load-balancing services are publicly accessible.
* The traffic for internal and external services must be isolated.
Click the Exhibit button to review the logical network diagram.
Which two design decisions are incorrect based on these requirements? (Choose two.)
They captured the following requirements from this design discussion:
* A pair of NetScaler MPX appliances will be deployed in the DMZ network.
* High Availability will be accessible in the NetScaler MPX in the DMZ Network.
* Load balancing should be performed for the internal network services like Microsoft Exchange Client Access Services and Microsoft App-V.
* The load balancing should be performed for StoreFront.
* The NetScaler Gateway virtual server will be utilizing the StoreFront load-balancing virtual server.
* The NetScaler Gateway virtual server and StoreFront.
* The NetScaler Gateway virtual service and StoreFront and load-balancing services are publicly accessible.
* The traffic for internal and external services must be isolated.
Click the Exhibit button to review the logical network diagram.
Which two design decisions are incorrect based on these requirements? (Choose two.)
Question 62
Scenario: A Citrix Architect needs to assess an existing NetScaler configuration. The customer recently found that certain user groups were receiving access to an internal web server with an authorization configuration that does NOT align with the designed security requirements.
Click the Exhibit button view the configured authorization settings for the web server.
Which item should the architect change or remove to align the authorization configuration with the security requirements of the organization?
Click the Exhibit button view the configured authorization settings for the web server.
Which item should the architect change or remove to align the authorization configuration with the security requirements of the organization?
Question 63
Scenario: A Citrix Architect needs to assess an existing on-premises NetScaler deployment which includes Advanced Endpoint Analysis scans. During a previous security audit, the team discovered that certain endpoint devices were able to perform unauthorized actions despite NOT meeting pre-established criteria.
The issue was isolated to several endpoint analysis (EPA) scan settings.
Click the Exhibit button to view the endpoint security requirements and configured EPA policy settings.
Which setting is preventing the security requirements of the organization from being met?
The issue was isolated to several endpoint analysis (EPA) scan settings.
Click the Exhibit button to view the endpoint security requirements and configured EPA policy settings.
Which setting is preventing the security requirements of the organization from being met?
Question 64
Scenario: A Citrix Architect has met with a team of Workspacelab members for a design discussion. They have captured the following requirements for the Citrix ADC design project:
* The Citrix Gateway virtual server is integrated with the Citrix Virtual Apps and Desktops environment.
* The authentication must be deployed for the users from the workspacelab.com and vendorlab.com domains.
* The workspacelab users connecting from the internal (workspacelab) network should be authenticated using LDAP.
* The workspacelab users connecting from the external network should be authenticated using LDAP and RADIUS
* The vendorlab users should be authenticated using Active Directory Federation Service.
* The user credentials must NOT be shared between workspacelab and vendor) ab.
* Single Sign-on must be performed between F and Citrix Gateway.
* A domain drop down list must be provided if the user connects to the Citrix Gateway virtual server externally.
* The domain of the user connecting externally must be identified using the domain selected from the domain drop down.
At which bind point should the architect bind the domain drop-down schema policy?
* The Citrix Gateway virtual server is integrated with the Citrix Virtual Apps and Desktops environment.
* The authentication must be deployed for the users from the workspacelab.com and vendorlab.com domains.
* The workspacelab users connecting from the internal (workspacelab) network should be authenticated using LDAP.
* The workspacelab users connecting from the external network should be authenticated using LDAP and RADIUS
* The vendorlab users should be authenticated using Active Directory Federation Service.
* The user credentials must NOT be shared between workspacelab and vendor) ab.
* Single Sign-on must be performed between F and Citrix Gateway.
* A domain drop down list must be provided if the user connects to the Citrix Gateway virtual server externally.
* The domain of the user connecting externally must be identified using the domain selected from the domain drop down.
At which bind point should the architect bind the domain drop-down schema policy?
Question 65
Which NetScaler Management and Analytics System (NMAS) utility can a Citrix Architect utilize to verify the configuration template created by the NMAS StyleBook, before actually executing it on the NetScaler?