A Citrix Engineer has configured NetScaler Web Logging on a Linux client machine. The engineer needs to verify if the log.conf file has been configured correctly and that there are NO syntax errors.
Which command can the engineer use to accomplish this?

  • A. nswl -verify -f /ns/etc/log.conf
  • B. nswl -verify -f /usr/local/netscaler/etc/log.conf
  • C. nswl -verify -f /usr/local/netscaler/bin/log.conf
  • D. nswl -verify -f /ns/bin/log.conf

Answer: B

A Citrix Engineer observes that after enabling the security checks in Learning mode only in an Application Firewall profile, the NetScaler is blocking the non-RFC compliant HTTP packets.
What can the engineer modify in the configuration to resolve this issue?

  • A. Disable Drop Invalid Requests in the HTTP Profile settings.
  • B. Set Default profile in application firewall settings as APPFW_BYPASS.
  • C. Set Undefined Action in application firewall settings as APPFW_BYPASS.
  • D. Enable Drop Invalid Requests in the HTTP Profile settings.

Answer: B

Which NetScaler owned IP address is used by NetScaler Management and Analytics System (NMAS) to communicate with NetScaler Instances?

  • A. VIP (Virtual IP)
  • B. NSIP (NetScaler IP)
  • C. CLIP (Cluster IP)
  • D. SNIP (Subnet IP)

Answer: B

Which content type takes the maximum advantage of web caching mechanisms to boost performance?

  • A. Pseudo-Dynamic Content
  • B. Pseudo-Static Content
  • C. Static Content
  • D. Dynamic Content

Answer: D

Scenario: A Citrix Engineer needs to configure an Application Firewall policy for an online shopping website called “”. As a security measure, the shopping cart application is hosted on a separate directory “/mycart” on the backend server. The engineer configured a profile to secure the connections to this shopping cart and now needs to ensure that this profile is applied to all incoming connections to the shopping cart.
Which policy expression will accomplish this requirement?

  • A. http.req.url.contains(“/mycart”) & http:req.url.hostname.eq(“”)
  • B. http.req.url.contains(“/mycart”) || http:req.url.hostname.eq(“”)
  • C. http.req.header (“url”).contains (“/mycart”) || http.req.url.contains (“”)
  • D. http.req.header (“url”).contains (“/mycart”) && http:req.url.contains (“”)

Answer: A

How can a Citrix Engineer configure a specific LDAP attribute in the nFactor implementation?

  • A. Specify the attribute in the LDAP server attributes field.
  • B. Change the order of the policies.
  • C. Add the attribute on the nFactor traffic policy.
  • D. Change the login schema and add the new attribute.

Answer: D

A Citrix Engineer has correctly installed and configured the NetScaler Web Logging (NSWL) client but has noticed that logs are NOT being updated.
What could be causing this issue?

  • A. The TCP port 3011 is NOT open between the NSWL client and NetScaler.
  • B. The NSWL client executable is NOT running on the client.
  • C. The NSWL buffer is full on the NetScaler.
  • D. An NSIP is missing in the log.conf file.

Answer: D

A Citrix Engineer needs to protect a website that contains sensitive data such as employee ID numbers and customer ID numbers.
Which security check can the engineer implement to protect the sensitive data?

  • A. Content-type
  • B. Safe Object Check
  • C. Field Formats
  • D. CSRF Form tagging

Answer: B

Explanation: The Safe Object check provides user-configurable protection for sensitive business information, such as customer numbers, order numbers, and country-specific or region-specific telephone numbers or postal codes.

A Citrix Engineer has determined that users are able to access random URLs on a web site through bookmarks and by manually typing in the URLs to skip the pages required to reach that part of the website.
Which two checks can the engineer enable to prevent this attack? (Choose two.)

  • A. Form Field Consistency
  • B. Deny URL
  • C. Start URL
  • D. Buffer overflow
  • E. HTML Cross-site scripting

Answer: CD

Scenario: A Citrix Engineer has configured LDAP group extraction on the NetScaler Management and Analytics System (NMAS) for the administration. The engineer observes that extraction is NOT working for one of the five configured groups.
What could be the cause of the issue?

  • A. The admin bind user has read-only permissions on the LDAP server.
  • B. The NMAS group does NOT match the one on the external LDAP servers.
  • C. The LDAP bind DN is incorrectly configured in the LDAP profile.
  • D. The user group extraction is NOT supported with plaintext LDAP.

Answer: B

Scenario: A Citrix Engineer configures an Application Firewall HTML SQL Injection Check and sets it to BLOCK and to use SQLSplCharANDKeyword as the SQL injection type. The engineer checks the logs and finds that nothing is being blocked.
What can be the cause of the Application Firewall failing to block the attack?

  • A. The request contains SQL Wildcard Characters.
  • B. The request neither contains SQL Special Characters nor keywords.
  • C. The request only contains SQL Special Characters.
  • D. The request only contains SQL keywords.

Answer: B

Scenario: A Citrix Engineer is trying to optimize a website that is load balanced on a NetScaler and is accessed by mobile users. The web application is complex and made up of hundreds of embedded images, scripts, and other objects per page. This limitation is creating a significant bottleneck, resulting in excessive load times.
Which NetScaler feature can the engineer use to optimize the web application?

  • A. Domain Sharding
  • B. SPDY (Speedy)
  • C. Multipath TCP
  • D. Minification

Answer: A

Explanation: The leading capability in this category is domain sharding. By default, browsers restrict the number of parallel connections that can be open to any one domain. Typically, fewer than ten are allowed. For complex web applications with hundreds of embedded images, scripts and other objects per page, this limitation can create a significant bottleneck resulting in excessive load times. With domain sharding, NetScaler MobileStream modifies administrator-selected URLs by breaking them into sub-domains to allow client web browsers to open multiple groups of parallel connections. As a result, object-heavy pages are downloaded and can be rendered up to 10 times faster. Also included in this category is cache extension, a capability that leverages advanced browser settings and NetScaler AppCache functionality to further improve performance by maximizing the practice of locally caching static content.

A Citrix Engineer observes the following event in the ns.log:
Aug 3 11:55:58 <> 08/03/2015:15:55:58 GMT ATL0NS01 0-PPE-1: default APPFW APPFW_STARTURL 406856 0: 11152-PPE1
LG+hd4LkcYiOyQVWvOTsCtSyiv00001 SPI Disallow illegal URL:
Which Application Firewall profile has blocked the URL?

  • A. SPI
  • C. ATL0NS01
  • D. SPI Disallow illegal URL

Answer: C

Scenario: A Citrix Engineer needs to configure an external SNMP server in a High Availability setup. The engineer configured the load-balancing virtual server to access the NetScaler Management and Analytics System (NMAS) HA pair.
Which IP address will be configured on the external SNMP Manager to add the NMAS devices?

  • A. IP Address of the LB VIP
  • B. IP Address of the Primary node
  • C. IP Address of the active mode
  • D. IP Address of both the NMAS nodes

Answer: D

A Citrix Engineer enabled Credit Card Security check in the Application Firewall Profile. Which response header will be dropped by Application Firewall after this check is enabled?

  • A. Content-Encoding
  • B. Content-Location
  • C. Content-Type
  • D. Content-Length

Answer: D

Scenario: A Citrix Engineer has configured Security Insight on NetScaler Management and Analytics System (NMAS) with Firmware version to monitor the Application Firewall.
The NetScaler ADC is running version using Enterprise License with Application Firewall only License. However, after enabling Security insight, the engineer is NOT able to see any data under security insight.
What is causing this issue?

  • A. NetScaler should have a Standard License.
  • B. The NMAS version should be higher or equivalent to the NetScaler version.
  • C. NetScaler should have a Platinum license.
  • D. NMAS should be on Platinum license.

Answer: B

A Citrix Engineer needs to configure an application firewall profile to ensure that the images uploaded on the website are NOT malicious. The engineer needs to create a policy to filter the upload requests and ensure that they are in JPEG format.
Which expression can the engineer use to fulfill this requirement?

  • A. http.req.url.endswith (“.jpeg”) && http.req.method.eq (POST)
  • B. http.req.url.contains (“.jpeg”) && http.req.method.eq (GET)
  • C. http.req.url.endswith (“.jpeg”) || http.req.method.eq (GET)
  • D. http.req.header (“Content-Type”).contains (“image/jpeg”) || http.req.method.eq(POST)

Answer: D

Scenario: A Citrix Engineer uses one StyleBook on a NetScaler Management and Analytics System (NMAS) to create multiple load-balanced virtual server configurations for NetScaler instances. The configuration is saved in a config pack.
In which two locations is the StyleBook config pack saved? (Choose two.)

  • A. NetScaler Instance
  • B. NetScaler SDX
  • C. Syslog Server
  • D. Local network
  • E. NMAS

Answer: AE

