Which set of items can a Citrix Administrator change when configuring a portal theme for users?
- A . Browser requirements, logo, labels
- B . Logo, background, browser requirements
- C . Font color, labels, URL displayed
- D . Logo, background, labels
D
Explanation:
Reference: https://support.citrix.com/article/CTX205486
A Citrix Administrator needs to provide access to Microsoft SharePoint through Citrix Gateway for users connecting from a web browser using the Citrix Gateway plug-in.
How can the administrator configure this?
- A . Configure Citrix Gateway in ICA proxy mode.
- B . Set clientless access to OFF.
- C . Enable SSL bridge mode.
- D . Set clientless access to ON.
Which Citrix ADC service monitor can a Citrix Administrator use to test the three-way handshake between the Citrix ADC and the backend server?
- A . PING
- B . UDP
- C . LDAP
- D . TCP
D
Explanation:
Reference: https://docs.citrix.com/en-us/citrix-adc/current-release/load-balancing/load-balancing-builtinmonitors/monitor-tcp.html
Scenario: A Citrix Administrator would like to grant access to a Junior Citrix Administrator on the Citrix ADC.
The administrator would like to grant full access to everything except:
– Shell
– User configuration
– Partition configuration
Which preexisting command policy would meet the needs of this scenario?
- A . Network
- B . Operator
- C . Sysadmin
- D . Superuser
C
Explanation:
Reference: https://docs.citrix.com/en-us/citrix-adc/current-release/system/authentication-and-authorization-forsystem-user/user-usergroups-command-policies.html
Which three pieces of information are required for a Citrix Unified Gateway deployment? (Choose three.)
- A . Advanced license or higher
- B . Valid SSL certificate
- C . Multiple IP addresses for user access
- D . Secondary authentication for the Citrix Gateway
- E . Content Switching virtual server
Scenario: A Citrix Administrator manages an environment that has three SSL websites, all serving the same content.
www.company.com
www.company.net
www.company.org
The administrator would like to consolidate the websites into a single, load-balanced SSL virtual server.
What can the administrator bind to use a single SSL virtual server?
- A . The certificate of each website to a single SSL virtual server
- B . A wildcard certificate to a single SSL virtual server
- C . A multiple SAN certificate to a single SSL virtual server
- D . A wildcard certificate to a content-switching virtual server
Which scenario will cause automatic high availability (HA) synchronization to fail?
- A . Different build versions
- B . A configuration change to the primary Citrix ADC
- C . A forced failover
- D . Manually forced synchronization
D
Explanation:
Reference: https://support.citrix.com/article/CTX124439
Which authentication type can a Citrix Administrator use to enable Citrix ADC authentication, authorization, and auditing (AAA) dual-factor authentication from a user’s mobile device app?
- A . LDAP
- B . LOCAL
- C . SAML
- D . RADIUS
A
Explanation:
Reference: https://docs.citrix.com/en-us/citrix-adc/current-release/system/authentication-and-authorization-forsystem-user/two-factor-authentication-for-system-users-and-external-users.html
Scenario: To meet the security requirements of the organization, a Citrix Administrator needs to configure a Citrix Gateway virtual server with time-outs for user sessions triggered by the behaviors below:
✑ Inactivity for at least 15 minutes.
✑ No keyboard or mouse activity for at least 15 minutes
Which set of time-out settings can the administrator configure to meet the requirements?
- A . Session time-out and client idle time-out set to 15
- B . Session time-out and forced time-out set to 15
- C . Client idle time-out and forced time-out set to 15
- D . Client idle time-out and forced time-out set to 900
A
Explanation:
Reference: https://docs.citrix.com/en-us/citrix-gateway/current-release/vpn-user-config/configure-pluginconnections/configure-time-out-settings.html
Scenario: A Citrix Administrator needs to test a SAML authentication deployment to be used by internal users while accessing several externally hosted applications. During testing, the administrator notices that after successfully accessing any partner application, subsequent applications seem to launch without any explicit authentication request.
Which statement is true regarding the behavior described above?
- A . It is expected if the Citrix ADC appliance is the common SAML identity provider (IdP) for all partners.
- B . It is expected due to SAML authentication successfully logging on to all internal applications.
- C . It is expected if all partner organizations use a common SAML service provider (SP).
- D . It indicates the SAML authentication has failed and the next available protocol was used.
A Citrix Administrator needs to deploy a Citrix ADC between the servers and the client, with servers only allowed to reach the client through the Citrix ADC.
In which mode should the administrator deploy the Citrix ADC?
- A . Inline
- B . Direct server return
- C . Transparent
- D . One-arm
Scenario: A Citrix Administrator needs to configure an authentication workflow on Citrix ADC with the below requirements.
All internal users must use their corporate credentials to authenticate.
Users from partner organizations must be authenticated using their own directory services without replication or a synchronization process.
How can the administrator meet the above requirements while authenticating the users?
- A . Deploy SAML on Citrix ADC in the service provider (SP) role for users from partner organizations.
- B . Create two LDAP and two SAML authentication policies on the authentication, authorization, and auditing (AAA) virtual server.
- C . Configure nFactor authentication with two LDAP advanced policies and one SAML advanced policy.
- D . Configure two dedicated AAA virtual servers for internal and partner users.
Which profile can a Citrix Administrator create to configure a default profile that disables TLSv1?
- A . DTLS
- B . TCP
- C . HTTP
- D . SSL
D
Explanation:
Reference: https://docs.citrix.com/en-us/citrix-adc/current-release/ssl/ssl-profiles/secure-front-end-profile.html
Scenario: A Citrix Administrator needs to integrate LDAP for Citrix ADC system administration using current Active Directory (AD) groups. The administrator created the group on the Citrix ADC, exactly matching the group name in LDAP.
What can the administrator bind to specify the permission level and complete the LDAP configuration?
- A . Users to the group on the Citrix ADC
- B . A nested group to the new group
- C . An authentication, authorization, and auditing (AAA) action to the group
- D . A command policy to the group
D
Explanation:
Reference: https://support.citrix.com/article/CTX123782
A Citrix Administrator needs to configure a Citrix Gateway virtual IP to allow incoming connections initiated exclusively from web browser sessions.
Which advanced policy will accomplish this?
- A . REQ.HTTP.HEADER User-Agent NOTCONTAINS CitrixReceiver
- B . REQ.HTTP.HEADER User-Agent CONTAINS Chrome/78.0.3904.108 Safari/537.36
- C . HTTP.REQ.HEADER(“User-Agent”).CONTAINS(“Mozilla”)
- D . HTTP.REQ.HEADER(“User-Agent”).CONTAINS(“CitrixReceiver”)
A
Explanation:
Reference: https://stalhood2.rssing.com/chan-58610415/all_p2.html
The Citrix ADC SDX architecture allows instances to share _____________ and _____________. (Choose the two correct options to complete the sentence.)
- A . the kernel
- B . CPU
- C . memory
- D . physical interfaces
Scenario: A Citrix Administrator made changes to a Citrix ADC, deleting parts of the configuration and saving some new ones. The changes caused an outage that needs to be resolved as quickly as possible. There is no Citrix ADC backup.
What does the administrator need to do to recover the configuration quickly?
- A . Restore from the revision history.
- B . Run high availability (HA) file synchronization.
- C . Restart the Citrix ADC.
- D . Run saved versus running configuration.
Scenario: While performing a disaster recovery test, a Citrix Administrator decides to failover the Citrix ADC high availability (HA) pair appliances. The administrator notices that the failover is NOT working as expected, and the secondary Citrix ADC is NOT taking over as primary. The administrator suspects that networking issues may be causing the failure.
What could be the cause of this issue?
- A . HA monitoring is enabled on an interface of the secondary node that shows as
ENABLED, DOWN. - B . HA monitoring is enabled on a disabled interface of the primary node.
- C . HA heartbeats are only seen on some enabled interfaces of the secondary node.
- D . The Independent Network Configuration (INC) mode is enabled on the primary node.
Scenario: A Citrix Administrator needs to create local, limited-privilege user accounts for other administrators.
The other administrators will require only:
✑ The ability to enable and disable services and servers
✑ Read-only access
Which built-in command policy permission level can the administrator use?
- A . Read-only
- B . Operator
- C . Sysadmin
- D . Network
What can a Citrix Administrator configure to filter IPv4 addresses?
- A . Pattern set
- B . Data set
- C . Citrix Web App Firewall
- D . URL set