Refresh 1Y0-351 vce Guide

Testking 1Y0-351 Questions are updated and all 1Y0-351 answers are verified by experts. Once you have completely prepared with our 1Y0-351 exam prep kits you will be ready for the real 1Y0-351 exam without a problem. We have Down to date Citrix 1Y0-351 dumps study guide. PASSED 1Y0-351 First attempt! Here What I Did.

Q41. Which troubleshooting tool will show policy hits and verify that a policy expression is being invoked? 

A. nspepi 

B. nsapimgr 


D. nsconmsg 


Q42. Scenario: A NetScaler Engineer is working with a NetScaler appliance that has two network interface cards (NICs). The first NIC is placed on the DMZ network and the second NIC is on the internal network. The default route is configured to the gateway on the internal network. A virtual server is configured on the DMZ-network and the firewall on the DMZ is using network address translation (NAT) to allow external traffic to the virtual server. When a user from the Internet attempts to connect to the NAT'd external address, the session never establishes. The engineer performs an nstrace and sees that the user's traffic hits the NetScaler. The engineer then discovers that the problem is an asymmetrical packet flow. Which two settings could the engineer configure to resolve the issue? (Choose two.) 

A. Link load balancing (LLB) 

B. Policy-based routing (PBR) 

C. Extended access list (ACL) 

D. MAC-based forwarding (MBF) 

E. Reverse network address translation (RNAT) 

Answer: B, D 

Q43. When a content-switching virtual server is used and idle client connections must stay established longer than the default NetScaler value, in which two locations could an engineer adjust the client timeout setting? (Choose two.) 

A. Global Timeout Settings 

B. Load-balancing services 

C. Load-balancing virtual server 

D. Content-switching virtual server 

Answer: A, D 

Q44. What is the purpose of the SSL Certificate Authority (CA) root certificate during an SSL connection? 

A. SSL Cipher Exchange 

B. Session Key Exchange 

C. Pre Shared Master Secret Generation 

D. Server Certificate Signature Verification 


Q45. An end user is receiving authentication errors when accessing a load-balancing virtual server that uses Authentication, Authorization and Access (AAA)-TM. Which shell command should a NetScaler Engineer execute to show AAA events in real time to help diagnose this issue? 

A. tail /tmp/aaad.debug 

B. cat /tmp/aaad.debug 

C. grep aaa /tmp/nskrb.debug 

D. egrep aaa /tmp/pitboss.debug 


Q46. Which SSL parameter should an engineer configure to bind multiple certificate key pairs to a virtual server? 

A. SNI enable 

B. Session reuse 

C. Send close-notify 

D. Client authentication 


Q47. Scenario: A NetScaler Engineer has created an SSL virtual server that utilizes SSL services. 

The engineer needs to configure certificate authentication from the NetScaler to the backend web services. What should the engineer do to meet the requirements outlined in the scenario? 

A. Bind a CA Certificate to the SSL Services. 

B. Bind a Client Certificate to the SSL Services. 

C. Create an SSL policy to present the Client Certificate to the web services. 

D. Enable Client Authentication and set Client Certificate to mandatory on the virtual server. 


Q48. Which NetScaler IP address must a NetScaler Engineer set for management and general system access purposes? 






Q49. Which of the listed options is a simple Access Control List (ACL) attribute? 


B. Source IP address 

C. NetScaler interface 

D. Destination IP address 


Q50. Which command must an engineer use to run a cluster with less than (n/2+1) number nodes online? 

A. add cluster <node> -quorumType Majority 

B. add cluster instance <name> -quorum None 

C. add cluster instance <clid> -quorumType None 

D. add cluster instance <clid> -quorumType Majority