1Y0-241 Practice Exam — Free Citrix Certification Prep

Join Us Among the Stars

Sign Up & unlock 100% of Exam Questions

Log in / Sign up

No Strings Attached!

130Practice Questions

3Study Modes

Free

TopicSort

Question 1

Securing the Citric ADC

What can a Citrix Administrator use to restrict access to the Citrix ADC management IP (NSIP) address?

A Command policy
B Access Control List (ACL)
C Authentication policy
D Authorization policy

Question 2

Basic Networking

Question 3

Troubleshooting

Question 4

Troubleshooting

Question 5

Citrix ADC Platforms

Question 6

High Availability

Question 7

Load Balancing

Question 8

Troubleshooting

Question 9

High Availability

Question 10

Rewrite, Responder, and URL Transform

Question 11

Rewrite, Responder, and URL Transform

Question 12

SSL Offload

Question 13

Securing the Citric ADC

Question 14

Troubleshooting

Question 15

Load Balancing

Question 16

Securing the Citric ADC

Question 17

Content Switching

Question 18

Citrix ADC Platforms

Question 19

Load Balancing

Question 20

Basic Networking

Question 21

Securing the Citric ADC

Question 22

SSL Offload

Question 23

Content Switching

Question 24

Default Policies

Question 25

Rewrite, Responder, and URL Transform

Page 1 of 6 • Questions 1-25 of 130

1 2 3 4 5

→

Know a question that should be here? Contribute to this exam

A Citrix Administrator deploys a new Citrix ADC MPX appliance in the demilitarized zone (DMZ), with one interface in the DMZ and the other on the internal network.

In which mode should the administrator deploy the Citrix ADC?

A One-arm
B Two-arm
C Transparent
D Forward proxy

Scenario: To receive data alerts for failures, a Citrix Administrator is configuring SNMP on the Citrix ADC. The administrator is confident that the manager, alarms and SNMP traps are configured correctly. The following week, there is a Citrix ADC-related outage and the administrator does NOT receive any alerts.

What could be the reason for this alert failure?

A The Citrix Web App Firewall is blocking the alerts from going out.
B The community name was NOT configured in the Citrix ADC SNMP trap destination settings.
C The Citrix ADC only has standard licensing.
D The Citrix ADC is configured for SNMP version 1.

Users are experiencing resets from the intranet server website, which is load balanced through the Citrix ADC.

Which Citrix ADC tool can a Citrix Administrator use to troubleshoot the reset issue?

A View the newnslog from the command line interface (CLI) to look for packet resets from the Citrix ADC.
B Use the nslog to look for packet resets on the Citrix ADC.
C Take a packet trace with nstrace and analyze with Wireshark.
D Look in the event viewer for packet resets from the Citrix ADC

Scenario: A Citrix Administrator is managing a Citrix Gateway with a standard Platform license and remote employees in the environment. The administrator wants to increase access by 3,000 users through the Citrix Gateway using VPN access.
Which license should the administrator recommend purchasing?

A Citrix ADC Burst Pack
B Citrix Gateway Express
C Citrix Gateway Universal
D Citrix ADC Upgrade

Question 6

High Availability

Question 7

Load Balancing

Question 8

Troubleshooting

Question 9

High Availability

Question 10

Rewrite, Responder, and URL Transform

Question 11

Rewrite, Responder, and URL Transform

Question 12

SSL Offload

Question 13

Securing the Citric ADC

Question 14

Troubleshooting

Question 15

Load Balancing

Question 16

Securing the Citric ADC

Question 17

Content Switching

Question 18

Citrix ADC Platforms

Question 19

Load Balancing

Question 20

Basic Networking

Question 21

Securing the Citric ADC

Question 22

SSL Offload

Question 23

Content Switching

Question 24

Default Policies

Question 25

Rewrite, Responder, and URL Transform

Scenario: A Citrix Administrator configured SNMP to send traps to an external SNMP system. When reviewing the messages, the administrator notices several entity UP and entity DOWN messages.
To what are these messages related?

A Load-balancing vServers
B Network interface
C High availability nodes
D SSL profile

Scenario: A Citrix Administrator configured Citrix ADC load balancing to send requests to one of three identical backend servers. Each server handles multiple protocols, and load balancing is set up in round-robin mode. The current load-balancing setup on the Citrix ADC is:
✑ One load-balancing vServer with one externally accessible VIP
✑ One service created for each protocol type
✑ One server entity for each backend resource
During business hours, the administrator wants to make changes to one backend server without affecting the other servers.
What is the most efficient way for the administrator to ensure that all traffic is routed away from the server without impeding responses from other resources?

A Disable the backend service entity targeted for change.
B Disable the backend server entity targeted for change.
C Disable the load-balancing vServer.
D Unbind the correct server entity from the load-balancing vServer.

Scenario: A Citrix Administrator downloaded and deployed Citrix Application Delivery Management (ADM) in an environment consisting of six Citrix ADCs and
100 virtual servers. When viewing the Citrix ADM console, the administrator sees only 30 virtual servers.
Why is the administrator unable to see all 100 virtual servers?

A The nsroot passwords are NOT the same across all the Citrix ADCs.
B Citrix ADM is using a free license.
C Additional Citrix ADM systems need to be deployed to see all virtual servers.
D The Citrix ADC and Citrix ADM firmware versions are NOT the same.

Scenario: A Junior Citrix Administrator needs to create a content switching vServer on a Citrix ADC high availability (HA) pair. The NSIP addresses are
192.168.20.10 and 192.168.20.11. The junior administrator connects to NSIP address 192.168.20.10 and saves the changes.
The following day, a Senior Citrix Administrator tests the new content switching vServer, but it is NOT working. The senior administrator connects to the HA pair and discovers that everything the junior administrator configured is NOT visible.
Why has the Citrix ADC lost the newly added configurations?

A The junior administrator made the changes and did NOT force a failover to save the configuration.
B The junior administrator connected to the NSIP of the secondary Citrix ADC in the HA pair.
C Both Citrix ADCs in the HA pair restarted overnight.
D The Citrix ADC appliances have different firmware versions.

Scenario:
POLICY 1:
add rewrite action ACT_1 corrupt_http_header Accept-Encoding
add rewrite policy POL_1 HTTP.REQ.IS_VALID ACT_1
POLICY 2:
add rewrite action ACT_2 insert_http_header Accept-Encoding \identity`add rewrite policy POL_2HTTP.REQ.IS_VALID ` ACT_2
How can a Citrix Administrator successfully bind the above rewrite policies to the load-balancing vServer lb_vsrv so that POL_2 is evaluated after POL_1 is evaluated?

A bind lb vServer lb_vsrv -policyName POL_1 -priority 110 -gotoPriorityExpression NEXT -type REQUEST bind lb vServer lb_vsrv -policyName POL_2 -priority 100 -gotoPriorityExpression END -type REQUEST
B bind lb vServer lb_vsrv -policyName POL_1 -priority 90 -gotoPriorityExpression NEXT -type REQUEST bind lb vServer lb_vsrv -policyName POL_2 -priority 100 -gotoPriorityExpression END -type REQUEST
C bind lb vServer lb_vsrv -policyName POL_1 -priority 90 -gotoPriorityExpression END -type REQUEST bind lb vServer lb_vsrv -policyName POL_2 -priority 80 -gotoPriorityExpression NEXT -type REQUEST
D bind lb vServer lb_vsrv -policyName POL_1 -priority 90 -type REQUEST bind lb vServer lb_vsrv -policyName POL_2 -priority 100 -type REQUEST

Scenario: A Citrix Administrator executed the following commands on the Citrix ADC:
> add policy dataset Admin_group ipv4
> bind policy dataset Admin_group 192.168.149.10 -index 11
> bind policy dataset Admin_group 192.168.149.39 -index 12
> bind policy dataset Admin_group 192.168.149.49 -index 13
> add responder policy POL_1 !(CLIENT.IP.SRC.TYPECAST_TEXT_T.CONTAINS_ANY(\Admin_group`))` RESET
> bind lb vServer lb_vsrv_www -policyName POL_1 -priority 100 -gotoPriorityExpression END -type REQUEST
What will be the effect of these commands?

A Only users with a source IP address of 192.168.149.10, 192.168.149.39, or 192.168.149.49 will be allowed to connect to vServer lb_vsrv_www.
B Only users with a source IP address of 192.168.149.10, 192.168.149.39, or 192.168.149.49 will be blocked when attempting to connect to vServer lb_vsrv_www.
C Only users with a source IP address of 192.168.149.10 or 192.168.149.39 will be allowed to connect to vServer lb_vsrv_www.
D All traffic from users with a source IP address of 192.168.149.10, 192.168.149.39, or 192.168.149.49 will be blocked through the Citrix ADC.

Scenario: While attempting to access web server that is load balanced by a Citrix ADC using HTTPS, a user receives the message below:
SSL/TLS error: You have not chosen to trust Certificate Authority the issuer of the server's security certificate.
What can a Citrix Administrator do to prevent users from viewing this message?

A Ensure that users have the certificate's private key.
B Ensure that users have the certificate's public key.
C Ensure that the server certificate is linked to its respective intermediate and root certificates.
D Ensure that users have the server certificate installed.

Scenario: A Citrix Administrator gives permissions to team members to access their own admin partition. This will allow them to add resources for different departments and manage them without making changes to the default Citrix ADC partition and configuration.
One team member trying to use the command line interface (CLI) to troubleshoot an authentication issue could NOT use aaad.debug. However, the team member has full permissions on the admin partition.
What can be the cause of this issue?

A The team member is NOT using the CLI correctly.
B The team member needs to troubleshoot the issue from the GUI.
C The team member does NOT have permission to use the CLI.
D The team member does NOT have shell access by design.

A Citrix Administrator receives user complaints about latency while accessing an application that is load balanced on the Citrix ADC.
Which tool can the administrator use to gather information regarding response time, client network latency, and server-side processing time?

A Citrix Application Delivery Management (ADM)
B HDX Insight
C WAN Insight
D Security Insight

Scenario: After deploying a Citrix ADC in production, a Citrix Administrator notices that client requests are NOT being evenly distributed among backend resources. The administrator wants to change from the default load-balancing method to one that will help distribute the load more evenly.
Which load-balancing method would ensure that the server with the least amount of network utilization is receiving new connections?

A Least connection
B Least bandwidth
C Least response time
D Least packets

Scenario: A Citrix Administrator configured an authentication, authorization, and auditing (AAA) policy to allow users access through the Citrix ADC. The administrator bound the policy to a specific vServer.
Which policy expression will allow all users access through the vServer?

A true
B false
C ns_true
D ns_false

Scenario: The policies below are bound to a content switching vServer. bind cs vServer vserver1 -policyName CSPOL_7 -priority 100 -gotoPriorityExpression NEXT bind cs vServer vserver1 -policyName CSPOL_5 -priority 90 bind cs vServer vserver1 -policyName CSPOL_9 -priority 110 bind cs vServer vserver1 -policyName CSPOL_4 -priority 120 bind cs vServer vserver1 -policyName CSPOL_8 -priority 210
Policy CSPOL_7 has been invoked.
Which policy will be invoked next?

A CSPOL_4
B CSPOL_5
C CSPOL_9
D CSPOL_8

The Citrix ADC SDX architecture allows instances to share ___________ and __________. (Choose the two correct options to complete the sentence.)

A memory
B a CPU
C a physical interface
D the kernel

Scenario: A load-balancing vServer is configured to utilize the least bandwidth load-balancing method. A service attached to this vServer is brought into the effective state during production hours.
During the startup of a vServer, which load-balancing method is used by default?

A Least connections
B Least bandwidth
C Custom load
D Round-robin

Scenario: A Citrix ADC is configured with Interface 1/1 and bound to VLAN 40. A Citrix Administrator executes the below command:
> bind vlan 20 -ifnum 1/1
What is the result of executing this command on the Citrix ADC?

A Interface 1/1 is bound to VLAN 20, and native VLAN is 20.
B Interface 1/1 is bound to VLAN 20, and native VLAN is NOT changed.
C Interface 1/1 is bound to VLAN 20, and native VLAN is 40.
D Interface 1/1 is bound to VLAN 20, and native VLAN is 1.

To protect an environment against Hash DoS attacks, which two configurations can a Citrix Administrator use to block all post requests that are larger than 10,000 bytes? (Choose two.)

A
add policy expression expr_hashdos_prevention "http.REQ.METHOD.EQ("POST")&& http.REQ.CONTENT_LENGTH.GT(10000)" > add rewrite policy drop_rewrite expr_hashdos_prevention DROP > bind rewrite global drop_rewrite 100 END -type REQ_OVERRIDE
B
add policy expression expr_hashdos_prevention "http.REQ.METHOD.EQ("POST")&& http.REQ.CONTENT_LENGTH.GT(10000)" > add responder policy pol_resp_hashdos_prevention expr_hashdos_prevention DROP NOOP > bind responder global pol_resp_hashdos_prevention 70 END -type REQ_OVERRIDE
C
add policy expression expr_hashdos_prevention "http.REQ.METHOD.EQ("POST") || http.REQ.CONTENT_LENGTH.GT(10000)" > add responder policy pol_resp_hashdos_prevention expr_hashdos_prevention DROP NOOP > bind responder global pol_resp_hashdos_prevention 70 END -type REQ_OVERRIDE
D
add policy expression expr_hashdos_prevention "http.REQ.METHOD.EQ("POST") || http.REQ.CONTENT_LENGTH.GT(10000)" > add rewrite policy drop_rewrite expr_hashdos_prevention DROP > bind rewrite global drop_rewrite 70 END -type REQ_OVERRIDE
E
add policy expression expr_hashdos_prevention "http.REQ.METHOD.EQ("POST") || http.REQ.CONTENT_LENGTH.GT(10000)" > add responder policy pol_resp_hashdos_prevention expr_hashdos_prevention DROP NOOP > bind responder global pol_resp_hashdos_prevention 100 END -type REQ_OVERRIDE
F
add policy expression expr_hashdos_prevention "http.REQ.METHOD.EQ("POST") || http.REQ.CONTENT_LENGTH.GT(10000)" > add rewrite policy drop_rewrite expr_hashdos_prevention DROP > bind rewrite global drop_rewrite 100 END -type REQ_OVERRIDE

Scenario: A Citrix Administrator manages an environment that has three SSL websites, all serving the same content. www.company.com www.company.net www.company.org
The administrator would like to consolidate the websites into a single, load-balanced SSL vServer.
What can the administrator bind to use a single SSL vServer?

A A wildcard certificate to a single SSL vServer
B A wildcard certificate to a content-switching vServer
C The certificate of each website to a single SSL vServer
D A multiple SAN certificate to a single SSL vServer

Scenario: The primary content switching vServer has gone down. To troubleshoot, a Citrix Administrator has issued the following command:
> show csvserver CSV
CSV (10.1.100.100:443) -HTTPS Type: CONTENT

State: UP -
Last state change was at Mon Jun 29 15:20:43 2020
Time since last state change: 1 day, 06:47:58 610

Client Idle Timeout: 180 sec -

Down state flush: ENABLED -
Disable Primary vServer On Down: DISABLED

Appflow logging: ENABLED -

Port Rewrite: DISABLED -

State Update: DISABLED -
Default: Content Precedence: URL
vServer IP and Port insertion: OFF
Persistence: NONE redirect: http://www.site1.com/mysite1/maintenance

Backup: vServer-LB-2 -

Listen Policy: NONE -

IcmpResponse: PASSIVE -

RHIstate: PASSIVE -

Traffic Domain: 0 -
Based on this output, where will the subsequent request be redirected?

A http://www.site1.com/mysite1/maintenance
B vServer-LB-2
C Backup content switching vServer
D 10.1.100.100:443

A Citrix Administrator needs to match the host name 'www.example.com' in all HTTP requests.
Which expression, when used, meets this requirement?

A HTTP.REQ.HOSTNAME.EQ("www.example.com")
B HTTP.RES.HOSTNAME.EQ("www.example.com")
C HTTP.REQ.HOSTNAME("example.com")
D HTTP.RES.HOSTNAME.CONTAINS("www.example.com")

How can a Citrix Administrator configure a rewrite policy to change the version of HTTP from 1.1 to 1.0 in every request?

A
add rewrite action RW_ACT replace http.res.version ""HTTPS/1.0"" > add rewrite policy RW_POL true RW_ACT
B
add rewrite action RW_ACT replace http.req.version ""HTTPS/1.1"" > add rewrite policy RW_POL true RW_ACT
C
add rewrite action RW_ACT replace http.res.version ""HTTPS/1.1"" > add rewrite policy RW_POL true RW_ACT
D
add rewrite action RW_ACT replace http.req.version ""HTTPS/1.0"" > add rewrite policy RW_POL true RW_ACT

Join Us Among the Stars

1Y0-241Preview

About the 1Y0-241 Exam

Mode Selection

Question 1

Question 2

Question 3

Question 4

Question 5

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 14

Question 15

Question 16

Question 17

Question 18

Question 19

Question 20

Question 21

Question 22

Question 23

Question 24

Question 25

Question 6

Question 7

Question 8

Question 9

Question 10

Question 11

Question 12

Question 13

Question 14

Question 15

Question 16

Question 17

Question 18

Question 19

Question 20

Question 21

Question 22

Question 23

Question 24

Question 25