A Citrix Engineer needs to set up access to an internal application for external partners.
Which two entities must the engineer configure on the Citrix ADC to support this? (Choose two.)
- A . SAML Policy
- B . SAML IdP Profile
- C . SAML IdP Policy
- D . SAML Action
A,B
Explanation:
Reference: https://www.citrix.com/blogs/2015/04/09/how-to-use-saml-authentication-with-storefront-2-6/
Which action ensures that content is retrieved from the server of origin?
- A . CACHE
- B . MAY_CACHE
- C . NOCACHE
- D . MAY_NOCACHE
C
Explanation:
Reference: https://docs.citrix.com/en-us/citrix-adc/current-release/optimization/integrated-caching/configure-cookies-headers-and-polling.html
Scenario: During application troubleshooting, a Citrix Engineer notices that response traffic received from a protected web application is NOT matching what the web server is sending out. The auditor is concerned that a Man-In-The-Middle attack is in progress.
Which action is the Citrix Web App Firewall performing that would trigger this false positive?
- A . Removing the Last-Modified header
- B . Inserting a hidden form field
- C . Removing the Accept-Encoding header
- D . Modifying and adding cookies in the response
Which license must be present on the Citrix ADC for the Citrix Application Delivery Management (ADM) Service to generate HDX Insight reports that present one year’s worth of data?
- A . Advanced
- B . Premium Plus
- C . Premium
- D . Standard
Which Citrix Application Delivery Management (ADM) feature can a Citrix Engineer use to narrow a list of Citrix ADC devices based on pre-defined criteria?
- A . AutoScale Groups
- B . Instance Groups
- C . Configuration Template
- D . Tags
- E . Agent
Which protection can a Citrix Engineer implement to prevent a hacker from extracting a customer list from the company website?
- A . Cross-Site Request Forgeries (CSRF)
- B . Form Field Consistency
- C . HTML Cross-Site Scripting (XSS)
- D . HTML SQL Injection
A Citrix Engineer is notified that no traffic is reaching the protected web application. While investigating, the engineer notices that the Citrix Web App Firewall policy has 516,72 hits.
What should the engineer check next?
- A . The security checks in the assigned profile
- B . The HTML Error Object
- C . The policy expression
- D . The security checks in the global default profile
Scenario: A Citrix Engineer configures Citrix Web App Firewall to protect an application. Users report that they are NOT able to log on. The engineer enables a Start URL relaxation for the path //login.aspx.
What is the effect of the Start URL relaxation on the application?
- A . Access to the path /login.aspx is unblocked.
- B . Access to the path /login.aspx is blocked.
- C . External users are blocked from the path /login.aspx. Internal users are permitted to the path /login.aspx.
- D . Non-administrative users are blocked from the path /login.aspx. Administrative users are permitted to the path /login.aspx.
Scenario: A Citrix Engineer wants to protect a web application using Citrix Web App Firewall. The engineer enables the Learn action for the Start URL, HTML Cross-Site Scripting, and HTML SQL Injection protections. The engineer assigns this profile to a policy, which is then bound to the virtual server.
Which two items can the engineer check to determine that the Learn action is NOT capturing any rules? (Choose two.)
- A . The HTML Error Object is configured for the profile.
- B . Enough space is left on the /flash file system.
- C . The aslearn process is running on the Citrix ADC appliance.
- D . The Learn database is less than 20 MB.
A Citrix Engineer wants to delegate management of Citrix Application Delivery Management (ADM) to a junior team member.
Which assigned role will limit the team member to view all application-related data?
- A . readonly
- B . appReadonly
- C . admin
- D . appAdmin
B
Explanation:
Reference: https://docs.citrix.com/en-us/citrix-application-delivery-management-service/setting-up/configuring-role-based-access-control.html
Which Front End Optimization technique causes the Citrix ADC to resize images before sending them to the client?
- A . Minify
- B . Shrink to Attributes
- C . Compression
- D . Inlining
B
Explanation:
Reference: https://docs.citrix.com/en-us/citrix-adc/current-release/optimization/front-end-optimization.html
A Citrix Engineer wants the Citrix Web App Firewall to respond with a page stored on the Citrix ADC when a violation is detected.
Which profile setting accomplishes this?
- A . Redirect URL
- B . RFC Profile
- C . Default Request
- D . HTML Error Object
D
Explanation:
Reference: https://support.citrix.com/article/CTX140293
Scenario: A Citrix Engineer has a pair of Citrix ADC VPX appliances configured as a High-Availability (HA) pair and hosted on a Citrix Hypervisor. The engineer wants to use Citrix Application Delivery Management (ADM) to monitor and manage the 35 web applications on the appliances. The engineer has imported Citrix ADM virtual appliance to Citrix Hypervisor. The engineer has also configured the management IP address settings and has added the 35 instances. However, some of the instances are NOT reporting any data.
Which two areas can the engineer check to determine the cause of the issue? (Choose two.)
- A . A Premium platform license must be configured on each instance.
- B . AppFlow must be enabled on each instance.
- C . The Citrix ADM license must be installed.
- D . An SSL certificate must be installed on the Citrix ADM appliance.
Scenario: A Citrix Engineer implements Application-level Quality of Experience (AppQoE) to protect a web application. Shortly after that, users call to complain that nearly every request is being met with a Captcha.
What can the engineer do to improve the user experience?
- A . Disable the Captcha.
- B . Increase the DOS Attack Threshold.
- C . Increase the Policy Queue Depth.
- D . Increase the Session Life.
What is required for connecting a data center to the Citrix Application Delivery Management (ADM) Service?
- A . Instance
- B . Configuration Job
- C . Agent
- D . Syslog
C
Explanation:
Reference: https://docs.citrix.com/en-us/citrix-application-delivery-management-service/citrix-application-delivery-management-service.html
In which order is a client request to a protected web application processed?
- A . CitrixWebApp Firewall, Load Balancing, Caching, Rewrite
- B . Caching, Citrix Web App Firewall, Load Balancing, Rewrite
- C . Citrix Web App Firewall, Caching, Load Balancing, Rewrite
- D . Load Balancing, Citrix Web App Firewall, Caching, Rewrite
Which feature of Learning should a Citrix Engineer configure to direct Citrix Web App Firewall to learn from specific sessions?
- A . Advanced policy expression filter
- B . Default policy expression filter
- C . Trusted Learning Clients list
- D . Manage Content Types for Safe Commerce
C
Explanation:
Reference: https://docs.citrix.com/en-us/citrix-adc/current-release/application-firewall/profiles/learning.html
Which Citrix Application Delivery Management (ADM) Analytics page allows an engineer to monitor the metrics of end-point analysis and authentication failures?
- A . Gateway Insight
- B . HDX Insight
- C . Web Insight
- D . Security Insight
Scenario: A Citrix Engineer creates a Responder policy to redirect users attempting to access an application protected with Citrix Web App Firewall. Instead of being redirected, users are seeing an ‘Access Denied’ page.
This is happening because Citrix Web App Firewall is processed ________. (Choose the correct option to complete the sentence.)
- A . before Responder, and the redirection is invalid
- B . after Responder, but the violation is applied to prevent access
- C . before Responder, and a violation is occurring
- D . after Responder, and the redirection is invalid
Scenario: A Citrix Engineer is reviewing the Citrix Web App Firewall log files using the GUI. Upon further analysis, the engineer notices that legitimate application traffic is being blocked.
What can the engineer do to allow the traffic to pass through while maintaining security?
- A . Note the protection blocking the traffic in the log entry. Edit the profile and deselect the Block action for the protection.
- B . Select the check box in the log entry. Choose Dismiss to allow the traffic to pass through from the Action menu.
- C . Note the protection blocking the traffic in the log entry. Create a new profile and policy and bind it with a larger priority number.
- D . Select the check box in the log entry. Choose Edit & Deploy to create a relaxation rule from the Action menu.
Scenario: A Citrix Engineer is monitoring the environment with Citrix Application Delivery Management (ADM). Management has asked for a report of high-risk traffic to protected internal websites.
Which dashboard can the engineer use to generate the requested report?
- A . App Security
- B . Transactions
- C . Users & Endpoints
- D . App
Scenario: A Citrix Engineer has configured Citrix Application Delivery Management (ADM) to monitor applications presented by Citrix ADC appliances. When reviewing the App Security Dashboard, the engineer finds no data.
What must the engineer do to ensure data is being collected from the applications?
- A . Enable AppFlow for Security Insight on the instances in Citrix ADM.
- B . Update the password stored in the instance profile on Citrix ADM.
- C . Point the default route on Citrix ADM to the subnet with the NSIPs of the Citrix ADC appliances.
- D . Enable the Web App Firewall feature on the Citrix ADC appliances.
Scenario: A Citrix Engineer configured signature protections for Citrix Web App Firewall. Signature Auto-Update has been enabled. Upon reviewing the log files, the engineer notices that the auto update process has an error. In the settings for Signature Auto Update the engineer notices that the URL is blank.
Which URL should the engineer enter to restore the update process?
- A . https://s3.amazonaws.com/NSAppFwSignatures/SignaturesMapping.xml
- B . https://download.citrix.com/NSAppFwSignatures/SignaturesMapping.xml
- C . https://www.citrix.com/NSAppFwSignatures/SignaturesMapping.xml
- D . https://citrix.azure.com/NSAppFwSignatures/SignaturesMapping.xml
A
Explanation:
Reference: https://support.citrix.com/article/CTX138858
Scenario: A Citrix Engineer is asked to help improve the performance of a web application. After capturing and analyzing a typical session, the engineer notices a large number of user requests for the stock price of the company.
Which action can the engineer take to improve web application performance for the stock quote?
- A . Enable the Combine CSS optimization.
- B . Create a static content group.
- C . Create a dynamic content group.
- D . Enable the Minify JavaScript optimization.
Which Citrix Web App Firewall profile setting can a Citrix Engineer implement to remove non-essential content from web files to improve response time?
- A . Strip HTML Comments
- B . Exclude Uploaded Files from Security Checks
- C . Enable Form Tagging
- D . Exempt Closure URLs from Security Checks
Which feature of Citrix Web App Firewall builds rules from known good traffic?
- A . Sessionization
- B . App Expert
- C . Adaptive learning engine
- D . SNORT signatures
A Citrix Engineer wants to quietly track attempts that cause a web application to display a list of all user accounts.
Which action should the engineer enable to achieve this?
- A . Stats
- B . Block
- C . Log
- D . Learn
A Citrix Engineer needs to create a configuration job to clone a configuration from an existing Citrix ADC to a new Citrix ADC.
Which configuration source can the engineer use to accomplish this?
- A . Master Configuration
- B . Inbuilt Template
- C . Instance
- D . Configuration Template
C
Explanation:
Reference: https://docs.citrix.com/en-us/citrix-application-delivery-management-software/current-release/stylebooks/migrate-citirx-adc-application-configuration-using-stylebooks.html
Scenario: A Citrix Engineer is implementing Citrix Web App Firewall to protect a new web application. The engineer has created a profile, configured the relaxation rules, and applied signature protections. Additionally, the engineer has assigned the profile to a policy and bound the policy to the application.
What is the next step for the engineer in protecting the web application?
- A . Update the global default Citrix Web App Firewall profile with the new signature file.
- B . Enable the Signature Auto-Update feature.
- C . Enable logging on key protections.
- D . Test the web application protections with a group of trusted users.
B
Explanation:
Reference: https://docs.citrix.com/en-us/tech-zone/learn/poc-guides/citrix-waf-deployment.html
Which built-in TCP profile can a Citrix Engineer assign to a virtual server to improve performance for users who access an application from a secondary campus building over a fiber optic connection?
- A . nstcp_default_tcp_lfp
- B . nstcp_default_tcp_lan
- C . nstcp_default_tcp_interactive_stream
- D . nstcp_default_tcp_lnp
Scenario: A Citrix Engineer is asked to implement multi-factor authentication for Citrix Gateway. The engineer creates the authentication policies and binds the policies to the appropriate bind points. The engineer creates a custom form using Notepad++ to format the page which will capture the user’s credentials. The engineer uploads the form and binds the form to the authentication policy.
When the engineer connects to the Citrix Gateway for validation testing, the form fields are NOT correctly displayed.
What is the most likely cause of this display issue?
- A . The login schema contains invalid XML syntax.
- B . The authentication policies are bound in the wrong order.
- C . The first authentication server is offline.
- D . The policy bindings are NOT consistent with the login schema.
Which data populates the Events Dashboard?
- A . Syslog messages
- B . SNMP trap messages
- C . API calls
- D . AppFlow IPFIX records
Scenario: A Web Application Developer asked a Citrix Engineer to implement Citrix Web App Firewall protections. To provide consistency in branding, the developer asked that the web server provide a custom message when a violation occurs.
Which profile setting does the engineer need to configure to provide the custom message?
- A . Redirect URL
- B . HTML Error Object
- C . RFC Profile
- D . Content Type Default Response
Which Citrix Web App Firewall engine setting can a Citrix Engineer use to ensure that protections are applied in the event that an advanced policy expression cannot be evaluated as either ‘True’ or ‘False’?
- A . Undefined profile
- B . Session Limit
- C . Default profile
- D . Entity Decoding
Scenario: A Citrix Engineer is reviewing the log files for a protected application. The engineer discovers a lot of errors pertaining to invalid data being supplied by users.
Which protection can the engineer implement at the Citrix Web App Firewall to reduce these errors?
- A . Field Format
- B . Cross-Site Request Forgeries (CSRF)
- C . Form Field Consistency
- D . HTML SQL Injection
What should a Citrix Engineer do when using the Learn feature for Start URL relaxation?
- A . Ensure that only valid or correct traffic is directed to the protected web application while in Learn mode.
- B . Invite at least 10 test users to collect sufficient data for the Learn feature.
- C . Create a Web App Firewall policy that blocks unwanted traffic.
- D . Ensure that the /var file system has at least 10 MB free.
Scenario: A Citrix Engineer needs to forward the Citrix Web App Firewall log entries to a central management service. This central management service uses an open log file standard.
Which log file format should the engineer use in the Citrix Web App Firewall engine settings to designate the open log file standard?
- A . CEF
- B . IIS
- C . W3C
- D . TLA
A
Explanation:
Reference: https://support.citrix.com/article/CTX136146
Which report can a Citrix Engineer review to ensure that the Citrix ADC meets all PCI-DSS requirements?
- A . Generate Application Firewall Configuration
- B . PCI-DSS Standards
- C . Application Firewall Violations Summary
- D . Generate PCI-DSS
D
Explanation:
Reference: https://docs.citrix.com/en-us/citrix-adc/current-release/application-firewall/stats-and-reports.html
Which two protections ensure that the correct data is returned by the client? (Choose two.)
- A . Form Field Consistency
- B . Field Formats
- C . HTML Cross-Site Scripting (XSS)
- D . Cross-Site Request Forgeries (CSRF)
A,D
Explanation:
Reference: https://docs.citrix.com/en-us/citrix-adc/citrix-adc-secure-deployment/secure-deployment-guide.html
A review of purchases made at an online retailer shows that several orders were processed for items at an unpublished price.
Which protection can a Citrix Engineer implement to prevent a site visitor from modifying the unit price of a product on the shopping cart page?
- A . Cross-Site Request Forgeries (CSRF)
- B . Form Field Consistency
- C . HTML Cross-Site Scripting (XSS)
- D . HTML SQL Injection