Recommend!!

Get the Full 1Y0-341 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/1Y0-341-exam-dumps.html (107 New Questions)

Citrix
Exam Questions 1Y0-341
Citrix ADC Advanced Topics - Security-Management and Optimization

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

 Recommend!! Get the Full 1Y0-341 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/1Y0-341-exam-dumps.html (107 New Questions)

NEW QUESTION 1
Scenario: A Citrix Engineer configured signature protections for Citrix Web App Firewall. Signature Auto- Update has been enabled. Upon reviewing the log files,
the engineer notices that the auto update process has an error. In the settings for Signature Auto Update the engineer notices that the URL is blank.
Which URL should the engineer enter to restore the update process?

A. https://s3.amazonaws.com/NSAppFwSignatures/SignaturesMapping.xml
B. https://download.citrix.com/NSAppFwSignatures/SignaturesMapping.xml
C. https://www.citrix.com/NSAppFwSignatures/SignaturesMapping.xml
D. https://citrix.azure.com/NSAppFwSignatures/SignaturesMapping.xml

Answer: A

NEW QUESTION 2
Scenario: A Citrix Engineer implements Application-level Quality of Experience (AppQoE) to protect a web application. The engineer configures the AppQoE action
to deliver a custom response from a backup server once the maximum number of concurrent connection is reached.
To achieve this, the engineer should set the Acton Type to and specify the . (Choose the correct option to complete the sentence.)

A. NS; Alternate Content Server Name

B. ACS; Custom File
C. ACS; Alternate Content Server Name
D. NS; Custom File

Answer: C

NEW QUESTION 3
Scenario: A Citrix Engineer is monitoring the environment with Citrix Application Management (ADM). Management has asked lota report of high-risk traffic to
protected internal websites.
Which dashboard can the engineer use to generate the requested report?

A. Transactions
B. APP
C. APP Security
D. Users & Endpoints

Answer: C

NEW QUESTION 4
Which Front End Optimization technique causes the Citrix ADC to resize images before sending them to the client?

A. Minify
B. Shrink to Attributes
C. Compression
D. Inlining

Answer: B

NEW QUESTION 5
Scenario: A Citrix Engineer has configured Citrix Application Delivery Management (ADM) to monitor applications presented by Citrix ADC appliances. When
reviewing the App Security Dashboard, the engineer finds no data.
What must the engineer do to ensure data is being collected from the applications?

A. Enable AppFlow for Security Insight on the instances in Citrix ADM.

B. Update the password stored in the instance profile on Citrix ADM.
C. Point the default route on Citrix ADM to the subnet with the NSIPs of the Citrix ADC appliances.
D. Enable the Web App Firewall feature on the Citrix ADC appliances.

Answer: A

NEW QUESTION 6
Which feature of Citrix Web App Firewall builds rules from known good traffic?

A. Sessionization
B. App Expert
C. Adaptive learning engineer
D. SNORT signatures

Answer: C

NEW QUESTION 7
Which variable will display the client's source IP address when added to an HTML Error Object page?

A. $<CUENTIP.SRC>
B. ${CUENT.IPSRC}
C. $(CLIENT.1P.SRC)
D. $[CLIENT.IP.SRC]

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

 Recommend!! Get the Full 1Y0-341 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/1Y0-341-exam-dumps.html (107 New Questions)

Answer: B

NEW QUESTION 8
Which security model should a Citrix Engineer implement to ensure that only appropriate traffic that matches the expected application behavior is permitted to pass
through to the web application?

A. Dynamic
B. Hybrid
C. Positive
D. Negative

Answer: C

NEW QUESTION 9
Scenario: A Citrix Engineer implements Application-level Quality of Experience (AppQoE) to protect a web application. Shortly after that, users call to complain that
nearly every request is being met with a Captcha.
What can the engineer do to improve the user experience?

A. Disable the Captcha.

B. Increase the DOS Attack Threshold.
C. Increase the Policy Queue Depth.
D. Increase the Session Life.

Answer: B

NEW QUESTION 10
Scenario: A Citrix Engineer wants to use Citrix Application Delivery Management (ADM) to monitor a single Citrix ADC VPX with eight web applications and one
Citrix Gateway. It is important that the collected data be protected.
Which deployment will satisfy the requirements?

A. A single Citrix ADM with database replication to a secondary storage repository.

B. A pair of Citrix ADM virtual appliances configured for High Availability.
C. A single Citrix ADM imported onto the same hypervisor as the Citrix ADC VPX.
D. A pair of Citrix ADM virtual appliances, each working independently.

Answer: B

NEW QUESTION 10
What is required for connecting a data center to the Citrix Application Delivery Management (ADM) Service?

A. Instance
B. Configuration Job
C. Agent
D. Syslog

Answer: C

NEW QUESTION 14
Scenario: A Citrix Engineer creates a Responder policy to redirect users attempting to access an application protected with Citrix Web App Firewall. Instead of
being redirected, users are seeing an ‘Access Denied’ page.
This is happening because Citrix Web App Firewall is processed. (Choose the correct option to complete the sentence.)

A. before Responder, and the redirection is invalid

B. after Responder, but the violation is applied to prevent access
C. before Responder, and a violation is occurring
D. after Responder, and the redirection is invalid

Answer: C

NEW QUESTION 18
Scenario: A Citrix Engineer is reviewing the log files for a protected application. The engineer discovers a lot of errors pertaining to invalid data being supplied by
users.
Which protection can the engineer implement at the Citrix Web App Firewall to reduce these errors?

A. Field Format
B. Cross-Site Request Forgeries (CSRF)
C. Form Field Consistency
D. HTML SQL Injection

Answer: C

NEW QUESTION 19
A Citrix Engineer for an online retailer wants to ensure that customer address information is NOT stolen. Which protection can the engineer implement to prevent
this?

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

 Recommend!! Get the Full 1Y0-341 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/1Y0-341-exam-dumps.html (107 New Questions)

A. Cross-Site Request Forgeries (CSFR)

B. HTML SQL Injection
C. For Field Consistency
D. Credit Card Check

Answer: B

NEW QUESTION 22
Scenario: A Citrix Engineer reviewed the log files of a web application and found the error message below: "Unable to complete request Unrecognized field
cext2_price>" Which protection can the engineer implement to prevent this error from happening?

A. Form Field Consistency

B. Cross-Site Request Forgeries (CSRF)
C. HTML SQL Injection
D. HTML Cross-Site Scripting (XSS)

Answer: A

NEW QUESTION 27
A Citrix Engineer wants the Citrix Web App Firewall to respond with a page stored on the Citrix ADC when a violation is detected.
Which profile setting accomplishes this?

A. Redirect URL
B. RFC Profile
C. Default Request
D. HTML Error Object

Answer: D

NEW QUESTION 32
Which Citrix Application Delivery Management (ADM) Analytics page allows an engineer to measure the ICA Round Trip Time for user connections?

A. Security Insight
B. Gateway Insight
C. TCP Insight
D. HDX Insight
E. Web Insight

Answer: B

NEW QUESTION 35
A Citrix Engineer needs to create a configuration job to clone a configuration from an existing Citrix ADC to a new Citrix ADC.
Which configuration source can the engineer use to accomplish this?

A. Master Configuration
B. Inbuilt Template
C. Instance
D. Configuration Template

Answer: C

NEW QUESTION 36
Scenario: A Citrix Engineer has configured Integrated Caching to improve application performance. Within hours, the Citrix ADC appliance has run out of memory.
Which Content Group setting can the engineer configure to show the caching process until a need is demonstrated?

A. Maximum memory usage limit

B. Quick Abort Size
C. Do not cache – if hits are less than
D. Do not cache – if size exceeds

Answer: A

NEW QUESTION 37
Scenario: A Citrix Engineer needs to ensure that the flow of traffic to a web application does NOT overwhelm the server. After thorough testing, the engineer
determines that the application can handle a maximum of 3,000 requests per minute. The engineer builds a limit identifier, rl_maxrequests, to enforce this
limitation.
Which advanced expression can the engineer write in the Responder policy to invoke rate limiting?

A. SYS.CHECK_LIMIT(“rl_maxrequests”)
B. SYS.CHECK_LIMIT(“rl_maxrequests”).CONTAINS(“Busy”)
C. SYS.CHECK_LIMIT(“rl_maxrequests”).IS_VALID
D. SYS.CHECK_LIMIT(“rl_maxrequests”).GE(3000)

Answer: B

NEW QUESTION 40

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

 Recommend!! Get the Full 1Y0-341 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/1Y0-341-exam-dumps.html (107 New Questions)

Scenario: A Citrix Engineer is monitoring the environment with Citrix Application Delivery Management (ADM). Management has asked for a report of high-risk
traffic to protected internal websites.
Which dashboard can the engineer use to generate the requested report?

A. App Security
B. Transactions
C. Users & Endpoints
D. App

Answer: B

NEW QUESTION 42
A Citrix Engineer wants to quietly track attempts that cause a web application to display a list of all user accounts.
Which action should the engineer enable to achieve this?

A. Stats
B. Block
C. Log
D. Learn

Answer: D

NEW QUESTION 44
Scenario: A Citrix Engineer is implementing Citrix Web App Firewall to protect a new web application. The engineer has created a profile, configured the relaxation
rules, and applied signature protections. Additionally, the engineer has assigned the profile to a policy and bound the policy to the application.
What is the next step for the engineer in protecting the web application?

A. Update the global default Citrix Wed App Firewall profile with the new signature file.
B. Enable the Signature Auto-Update feature.
C. Enable logging on key protections.
D. Test the web application protections with a group of trusted users.

Answer: B

NEW QUESTION 47
Scenario: A Citrix Engineer wants to protect a web application using Citrix Web App Firewall. After the Web App Firewall policy afweb_protect is bound to the
virtual server, the engineer notices that Citrix Web App Firewall is NOT properly displaying the page.
A positive number for the Policy Hits counter for afweb_protect, tells the engineer the number of times Citrix Web App Firewall . (Choose the correct option to
complete the sentence.)

A. received a request that matched the policy expression for afweb_protect

B. blocked traffic for web applications assigned the afweb_protect policy
C. logged a request matching the expression defined in the afweb_protect policy
D. forwarded users to the Redirect URL specified in the profile assigned to afweb_protect

Answer: A

NEW QUESTION 49
Scenario: A Citrix Engineer manages Citrix Application Delivery Management (ADM) for a large holding company. Each division maintains its own ADC appliances.
The engineer wants to make Citrix ADM features and benefits available to each group independently.
What can the engineer create for each division to achieve this?

A. A site
B. A role
C. A tenant
D. A dashboard
E. A group

Answer: C

NEW QUESTION 54
Which Citrix Web App Firewall engine setting can a Citrix Engineer use to ensure that protections are applied in the event that an advanced policy expression
cannot be evaluated as either 'True' or 'False'?

A. Undefined profile
B. Session Limit
C. Default profile
D. Entity Decoding

Answer: B

NEW QUESTION 59
Scenario: A Citrix Engineer wants to configure the Citrix ADC for 0Auth Authentication. The engineer uploads the required certificates, configures the actions, and
creates all the necessary policies. After binding the authentication policy to the application, the engineer is unable to authenticate.

A. The log files are full

B. The policy bindings were assigned incorrect priorities

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

 Recommend!! Get the Full 1Y0-341 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/1Y0-341-exam-dumps.html (107 New Questions)

C. The Redirect URL is incorrect

D. The certificates have expired

Answer: C

NEW QUESTION 61
Scenario: A Citrix Engineer configures Citrix Web App Firewall to protect an application. Users report that they are NOT able to log on. The engineer enables a
Start URL relaxation for the path //login.aspx.
What is the effect of the Start URL relaxation on the application?

A. Access to the path /login.aspx is unblocked.

B. Access to the path /login.aspx is blocked.
C. External users are blocked from the path /login.aspx.Internal users are permitted to the path /login.aspx.
D. Non-administrative users are blocked from the path /login.aspx Administrative users are permitted to the path /login.aspx.

Answer: A

NEW QUESTION 63
In which order is a client request to a protected web application processed?

A. CitrixWebApp Firewall, Load Balancing, Caching, Rewrite

B. Caching, Citrix Web App Firewall, Load Balancing, Rewrite
C. Citrix Web App Firewall, Caching, Load Balancing, Rewrite
D. Load Balancing, Citrix Web App Firewall, Caching, Rewrite

Answer: C

NEW QUESTION 67
Scenario: A Citrix Engineer wants to protect a web application using Citrix Web App Firewall. After the Web App Firewall policy afweb_protect is bound to the
virtual server, the engineer notices that pages are displaying in plain text with graphics included.
What is the likely cause of this?

A. The Safe Objects protection is NOT properly configured.

B. The Start URL list does NOT include CSS files.
C. The Web App Firewall feature is disabled.
D. The policy expression allows for HTML files only.

Answer: B

NEW QUESTION 71
Which Front End Optimization technique can a Citrix Engineer enable on the Citrix ADC to remove all excess whitespace from a file?

A. Shrink to Attributes
B. Minify
C. Lazy Load
D. Inlining

Answer: B

NEW QUESTION 75
Which protection is applied on a server response from a protected application?

A. Cross-Site Request Forgeries (CSRF)

B. Form Field Consistency
C. HTML Cross-Site Scripting (XSS)
D. Safe Object

Answer: D

NEW QUESTION 80
Scenario: A Citrix Engineer is implementing Integrated Caching to increase performance of a web application. The Application Engineer replaces a small logo on
the main page with a new one. Later on, when the engineer attempts to access the page, the old logo is displayed. Which enabled setting in the Content Group
would cause this to happen?

A. Ignore browser's reload request

B. Do not cache—if size exceeds 500 KB
C. Expire content after 60 seconds
D. Do not cache—if hits are less than 1

Answer: A

NEW QUESTION 82
Which Citrix Application Delivery Management (ADM) Analytics page allows an engineer to monitor the metrics of end-point analysis and authentication failures?

A. Gateway Insight

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

 Recommend!! Get the Full 1Y0-341 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/1Y0-341-exam-dumps.html (107 New Questions)

B. HDX Insight
C. Web Insight
D. Security Insight

Answer: A

NEW QUESTION 86
A Citrix Engineer observes that the servers hosting a critical application are crashing on a regular basis. Which protection could the engineer implement on a Citrix
Web App Firewall in front of the application?

A. Buffer Overflow Check

B. HTML Cross-Site Scripting (XSS)
C. Start URL
D. HTML SQL Injection

Answer: A

NEW QUESTION 87
A review of purchases made at an online retailer shows that several orders were processed for items at an unpublished price.
Which protection can a Citrix Engineer implement to prevent a site visitor from modifying the unit price of a product on the shopping cart page?

A. Cross-Site Request Forgeries (CSRF)

B. Form Field Consistency
C. HTML Cross-Site Scripting (XSS)
D. HTML SQL Injection

Answer: B

NEW QUESTION 90
Scenario: A Citrix Engineer is asked to help improve the performance of a web application. After capturing and analyzing a typical session, the engineer notices a
large number of user requests for the stock price of the company.
Which action can the engineer take to improve web application performance for the stock quote?

A. Enable the Combine CSS optimization.

B. Create a static content group.
C. Create a dynamic content group.
D. Enable the Minify JavaScript optimization.

Answer: C

NEW QUESTION 91
Scenario: During application troubleshooting, a Citrix Engineer notices that response traffic received from a protected web application is NOT matching what the
web server is sending out. The engineer is concerned that someone is trying to disrupt caching behavior.
Which action is the Citrix Web App Firewall performing that would trigger this false positive?

A. Removing the Last-Modified header

B. Inserting a hidden form field
C. Removing the Accept-Encoding header
D. Modifying and adding cookies in the response

Answer: A

NEW QUESTION 92
Which Front End Optimization technique overcomes the parallel download limitation of web browsers?

A. Domain Sharding
B. Minify
C. Extend Page Cache
D. Lazy Load

Answer: A

NEW QUESTION 95
A Citrix Engineer is reviewing the log files for a sensitive web application and notices that someone accessed the application using the engineer’s credentials
while the engineer was out of the office for an extended period of time.
Which production can the engineer implement to protect against this vulnerability?

A. Deny URL
B. Buffer Overflow
C. Form Field Consistency
D. Cookie Consistency

Answer: D

NEW QUESTION 98

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

 Recommend!! Get the Full 1Y0-341 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/1Y0-341-exam-dumps.html (107 New Questions)

Scenaho: A Citrix Engineer needs to block requests from a list of IP addresses in a database maintained by the Security team. The Security team has built a web
application that will send a response of either "Blocked" or "Allowed," based on whether the given IP address is on the list. Which expression should the engineer
use to extract the status for policy processing?

A. HTTP.RES.STATUS
B. HTTP.RES.HEADERfConnection")
C. HTTP.RES.BODY(1000)
D. HTTP.RES.CONTENT LENGTH.GT(0)

Answer: B

NEW QUESTION 99
Which Citrix Application Delivery Management (ADM) Analytics page allows a Citrix Engineer to monitor web application traffic?

A. Web Insight
B. WAN Insight
C. HDX Insight
D. Gateway Insight

Answer: A

NEW QUESTION 100

Scenario: A Citrix Engineer reviews the log files for a business-critical web application. The engineer notices a series of attempts to directly access a file,
/etc/passwd.
Which feature can the engineer implement to protect the application against this attack?

A. Buffer Overflow
B. Start URL
C. Content Type
D. Form Field Consistency

Answer: B

NEW QUESTION 103

Scenario: A Citrix Engineer wants to configure the Citrix ADC for OAuth authentication. The engineer uploads the required certificates, configure the actions, and
creates all the necessary policies. After binding the authentication policy to the application, the engineer is unable to authenticate.
What is the most likely cause of this failure?

A. The log files are full.

B. The Redirect URL is incorrect.
C. The certificates have expired.
D. The policy bindings were assigned incorrect priorities.

Answer: D

NEW QUESTION 104

Scenario: A Citrix Engineer has enabled the IP Reputation feature. The engineer wants to protect a critical web application from a distributed denial of service
attack.
Which advanced expression can the engineer write for a Responder policy?

A. CLIENT.IP.SRC.IPREP_THREAT_CATEGORY(SPAM_SOURCES)
B. CLIENT.IP.SRC.IPREP_THREAT_CATEGORY(BOTNETS)
C. CLIENT.IP.SRC.IPREP_THREAT_CATEGORY(WEB_ATTACKS)
D. CLIENT.IP.SRC.IPREP_THREAT_CATEGORY(WINDOWS_EXPLOITS)

Answer: C

NEW QUESTION 107

Which report can a Citrix Engineer review to ensure that the Citrix ADC meets all PCI-DSS requirements.

A. Generate Application Firewall Configuration

B. PCI-DSS Standards
C. Application Firewall Violations Summary
D. Generate PCI-DSS

Answer: D

NEW QUESTION 109

Which build-in TCP profile can a Citrix Engineer assign to a virtual server to improve performance for users who access an application from a remote office over an
ATM connection?

A. nstcp_default_tcp_lfp
B. nstcp_default_tcp_lan
C. nstcp_default_tcp_interactive_stream
D. nstcp_default_tcp_lnp

Answer: D

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

 Recommend!! Get the Full 1Y0-341 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/1Y0-341-exam-dumps.html (107 New Questions)

NEW QUESTION 114

Scenario: A Citrix Engineer wants to protect a web application using Citrix Web App Firewall. After the Web App Firewall policy is bound to the virtual server, the
engineer notices that Citrix Web App Firewall is NOT blocking bad requests from clients. Which tool can help the engineer view the traffic that is passing to and
from the client?

A. nstrace
B. nsconmsg
C. syslog
D. aaad.debug

Answer: A

NEW QUESTION 118

Scenario: A Citrix Engineer is asked to implement multi-factor authentication for Citrix Gateway. The engineer creates the authentication policies and binds the
policies to the appropriate bind points. The engineer creates a custom form using Notepad++ to format the page which will capture the user’s credentials.
What is the first step the engineer must perform to assign this form to the authentication process?

A. Create a login schema policy and bind it to the authentication virtual server.
B. Bind the authentication policy to the primary authentication bank of the Citrix Gateway
C. Create a login schema profile and select the uploaded file.
D. Create an authentication policy label and bind it to an authentication policy.

Answer: B

NEW QUESTION 121

Which variable will display the client’s source IP address when added to an HTML Error Object page?

A. $[CLIENT.IP.SRC]
B. ${CLIENT.IP.SRC}
C. $<CLIENT.IP.SRC>
D. $(CLIENT.IP.SRC)

Answer: B

NEW QUESTION 124

Which Application-level Quality of Experience (AppQoE) Action setting modifies the communication characteristics of the connections established with the
associated web application?

A. Priority
B. TCP Profile
C. Action Type
D. DOS Action

Answer: C

NEW QUESTION 125

Scenario: A Citrix Engineer is using Citrix Application Delivery Management (ADM) to manage SSL certificates across all Citrix ADC instances. The engineer wants
to distribute a new certificate to the devices. What, in addition to the certificate file, must the engineer provide when uploading the new certificate?

A. Serial Number File

B. Certificate Signing Request (CSR)
C. Root Certificate
D. Key File

Answer: D

NEW QUESTION 129

Scenario: A Citrix Engineer used Learning to establish the HTML SQL Injection relaxations for a critical web application. The engineer now wishes to begin working
on the protections for a different web application. The name of the Web App Profile is appfw_prof_customercare.
Which CLI command can the engineer use to empty the Learn database?

A. set appfw learningsettings appfw_prof_customercare -SQLInjectionMinThreshold 0

B. set appfw learningsettings appfw_prof_customercare -startURLMinThreshold 0
C. reset appfw learningdata
D. export appfw learningdata appfw_prof_customercare

Answer: C

NEW QUESTION 133

......

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

 Recommend!! Get the Full 1Y0-341 dumps in VCE and PDF From SurePassExam
https://www.surepassexam.com/1Y0-341-exam-dumps.html (107 New Questions)

Thank You for Trying Our Product

We offer two products:

1st - We have Practice Tests Software with Actual Exam Questions

2nd - Questons and Answers in PDF Format

1Y0-341 Practice Exam Features:

* 1Y0-341 Questions and Answers Updated Frequently

* 1Y0-341 Practice Questions Verified by Expert Senior Certified Staff

* 1Y0-341 Most Realistic Questions that Guarantee you a Pass on Your FirstTry

* 1Y0-341 Practice Test Questions in Multiple Choice Formats and Updatesfor 1 Year

100% Actual & Verified — Instant Download, Please Click

Order The 1Y0-341 Practice Test Here

Passing Certification Exams Made Easy visit - https://www.surepassexam.com

Powered by TCPDF (www.tcpdf.org)