Citrix 1y0-241 practice test

Deploy and Manage Citrix ADC with Traffic Management Exam


Question 1

Scenario: A Citrix Administrator needs to integrate LDAP for Citrix ADC system administration using
current active directory (AD) groups. The administrator created the group on the Citrix ADC, exactly
matching the group name in LDAP.
What can the administrator bind to specify the permission level and complete the LDAP
configuration?

  • A. A command policy to the group
  • B. A nested group to the new group
  • C. Users to the group on the Citrix ADC
  • D. An authentication, authorization, and auditing (AAA) action to the group
Answer:

A

Reference: https://support.citrix.com/article/CTX123782

Discussions

Question 2

When a Citrix ADC high availability (HA) pair failover occurs, by what method does the Citrix ADC
communicate to the network switches and routers that IP-to-MAC address bindings have changed?

  • A. Reverse ARP (RARP) to update the network devices
  • B. MAC-based forwarding (MBF) to update the routers
  • C. Proxy ARP to update the network devices
  • D. Gratuitous ARPs (GARPs) to update the network devices
Answer:

D

Reference:
https://www.citrix.com/blogs/2015/01/05/netscaler-best-practice-with-vmac-in-a-high-
availabilityconfiguration/

Discussions

Question 3

Scenario: Users are trying to access https://cs.mycompany.com, but are receiving the error below:
HTTP 503 Service Unavailable
What can a Citrix Administrator change in the Citrix ADC configuration to fix this?

  • A. Enable the content switching feature.
  • B. Disable the spillover redirect URL.
  • C. Bind a certificate.
  • D. Bind the default load-balancing vServer.
Answer:

D

Reference: https://support.citrix.com/article/CTX120240

Discussions

Question 4

A Citrix Network Engineer informs a Citrix Administrator that a data interface used by Citrix ADC SDX
is being saturated.
Which action could the administrator take to address this bandwidth concern?

  • A. Add a second interface to each Citrix ADC VPX instance.
  • B. Configure a failover interface set on each Citrix ADC VPX instance.
  • C. Configure LACP on the SDX for the data interface.
  • D. Configure LACP on the SDX for management interface.
Answer:

C

Reference: https://training.citrix.com/public/Exam+Prep+Guides/241/1Y0-
241_Exam_Preparation_Guide_v01.pdf

Discussions

Question 5

A Citrix Administrator needs to use a clients IP address as the source IP address for Citrix ADC-to-
server connections.
Which Citrix ADC mode can the administrator use to meet this requirement?

  • A. USNIP
  • B. Layer 2
  • C. Layer 3
  • D. USIP
Answer:

D

Reference: https://support.citrix.com/article/CTX121974

Discussions

Question 6

Scenario: The primary content switching vServer has gone down. To troubleshoot, a Citrix
Administrator has issued the following command:
> show csvserver CSV
CSV (10.1.100.100:443) HTTPS Type: CONTENT
State: UP
Last state change was at Mon Jun 29 15:20:43 2020
Time since last state change: 1 day, 06:47:58 610
Client Idle Timeout: 180 sec
Down state flush: ENABLED
Disable Primary vServer On Down: DISABLED
Appflow logging: ENABLED
Port Rewrite: DISABLED
State Update: DISABLED
Default: Content Precedence: URL
vServer IP and Port insertion: OFF
Persistence: NONE redirect: http://www.site1.com/mysite1/maintenance
Backup: vServerLB2
Listen Policy: NONE
IcmpResponse: PASSIVE
RHIstate: PASSIVE
Traffic Domain: 0
Based on this output, where will the subsequent request be redirected?

  • A. http://www.site1.com/mysite1/maintenance
  • B. vServer–LB-2
  • C. Backup content switching vServer
  • D. 10.1.100.100:443
Answer:

A

Discussions

Question 7

Scenario: A Citrix Administrator manages an environment that has three SSL websites, all serving the
same content.
www.company.com
www.company.net
www.company.org
The administrator would like to consolidate the websites into a single, load-balanced SSL vServer.
What can the administrator bind to use a single SSL vServer?

  • A. A wildcard certificate to a single SSL vServer
  • B. A wildcard certificate to a content-switching vServer
  • C. The certificate of each website to a single SSL vServer
  • D. A multiple SAN certificate to a single SSL vServer
Answer:

C

Discussions

Question 8

Scenario: A Citrix Administrator suspects an attack on a load-balancing vServer (IP address
192.168.100.25).
The administrator needs to restrict access to this vServer for 10 minutes.
Which Access Control List (ACL) will accomplish this?

  • A. add simpleacl rule1 DENY –srcIP 192.168.100.25 –TTL 600000
  • B. add simpleacl rule1 DENY –srcIP 192.168.100.25 –TTL 600
  • C. add ns acl rule1 DENY –destIP 192.168.100.25 –TTL 600000
  • D. add ns acl rule1 DENY –destIP 192.168.100.25 –TTL 600
Answer:

D

Discussions

Question 9

To protect an environment against Hash DoS attacks, which two configurations can a Citrix
Administrator use to block all post requests that are larger than 10,000 bytes? (Choose two.)

  • A. > add policy expression expr_hashdos_prevention http.REQ.METHOD.EQ(\POST\)&& http.REQ.CONTENT_LENGTH.GT(10000) > add rewrite policy drop_rewrite expr_hashdos_prevention DROP > bind rewrite global drop_rewrite 100 END type REQ_OVERRIDE
  • B. > add policy expression expr_hashdos_prevention http.REQ.METHOD.EQ(\POST\)&& http.REQ.CONTENT_LENGTH.GT(10000) > add responder policy pol_resp_hashdos_prevention expr_hashdos_prevention DROP NOOP > bind responder global pol_resp_hashdos_prevention 70 END type REQ_OVERRIDE
  • C. > add policy expression expr_hashdos_prevention http.REQ.METHOD.EQ(\POST\) || http.REQ.CONTENT_LENGTH.GT(10000) > add responder policy pol_resp_hashdos_prevention expr_hashdos_prevention DROP NOOP > bind responder global pol_resp_hashdos_prevention 70 END type REQ_OVERRIDE
  • D. > add policy expression expr_hashdos_prevention http.REQ.METHOD.EQ(\POST\) || http.REQ.CONTENT_LENGTH.GT(10000) > add rewrite policy drop_rewrite expr_hashdos_prevention DROP > bind rewrite global drop_rewrite 70 END type REQ_OVERRIDE
  • E. > add policy expression expr_hashdos_prevention http.REQ.METHOD.EQ(\POST\) || http.REQ.CONTENT_LENGTH.GT(10000) > add responder policy pol_resp_hashdos_prevention expr_hashdos_prevention DROP NOOP > bind responder global pol_resp_hashdos_prevention 100 END type REQ_OVERRIDE
  • F. > add policy expression expr_hashdos_prevention http.REQ.METHOD.EQ(\POST\) || http.REQ.CONTENT_LENGTH.GT(10000) > add rewrite policy drop_rewrite expr_hashdos_prevention DROP > bind rewrite global drop_rewrite 100 END type REQ_OVERRIDE
Answer:

BE

Reference: https://support.citrix.com/article/CTX131868

Discussions

Question 10

Scenario: A Citrix Administrator configured SNMP to send traps to an external SNMP system. When
reviewing the messages, the administrator notices several entity UP and entity DOWN messages.
To what are these messages related?

  • A. Load-balancing vServers
  • B. Network interface
  • C. High availability nodes
  • D. SSL profile
Answer:

A

Discussions
To page 2