PassLeader just published the NEWEST Citrix 1Y0-351 exam dumps! You can get both 1Y0-351 VCE dumps and 1Y0-351 PDF dumps from PassLeader, both VCE and PDF dumps contain the NEWEST 1Y0-351 exam questions, which will ensure your 1Y0-351 exam 100% passing! Welcome to download the valid PassLeader 1Y0-351 dumps VCE and PDF from PassLeader — https://www.passleader.com/1y0-351.html (293 Q&As Dumps)
And, you can preview the PassLeader 1Y0-351 dumps online — https://drive.google.com/open?id=0B-ob6L_QjGLpNDR0TEdkaG9XWGc
QUESTION 126
A network engineer wants to hide the IP address of the outgoing packets by changing it to the IP of the VIP. Which feature should the administrator use?
A. ACL
B. PBR
C. RNAT
D. Rewrite
Answer: C
QUESTION 127
During a recent security penetration test, several ports on the management address were identified as providing unsecured services. Which two methods could the network engineer use to restrict these services? (Choose two.)
A. Configure Auditing policies.
B. Create Content Filtering policies.
C. Create Access Control Lists (ACLs).
D. Configure options on the Management IP addresses.
Answer: CD
QUESTION 128
An engineer should use the filter (content filtering) feature to prevent ____ and ____. (Choose the two correct options to complete the sentence.)
A. the use of unauthorized HTTP methods
B. a client from accessing a specific IP on the back-end
C. inappropriate HTTP headers from being sent to your Web server
D. inappropriate MSSQL commands from being sent to your SQL server
E. a client from a specific VLAN ID to access resources on the NetScaler
Answer: AC
QUESTION 129
Scenario:
A network engineer needs to implement high availability (HA) for a pair of NetScaler appliances. The existing appliance was recently restarted and the new appliance has been rack mounted and turned on for several weeks waiting to be configured. The engineer needs to create an HA pair, but is concerned that his original appliance will get erased when the HA pair is created. Which two tasks could the engineer do before the creation of the HA pair to ensure that the exiting unit stays the main appliance? (Choose two.)
A. Set StayPrimary on the existing node.
B. Configure StaySecondary on the new node.
C. Enable HA Sync before adding the second node.
D. Create a Route Monitor to ensure proper synchronization.
E. Ensure that INC mode is enabled during creation of HA Pair.
Answer: AB
QUESTION 130
Scenario:
A network engineer plans to configure an Active Directory Server as the default authentication for a NetScaler deployment and provide users with the option to change their password if it is expired. Which two actions should the engineer take to configure this authentication requirement on the NetScaler system? (Choose two.)
A. Configure a pre-authentication policy.
B. Select security type as SSL on Authentication policy.
C. Configure Authentication server with SSO name attribute.
D. Configure Authentication server with allow password change option.
Answer: BD
QUESTION 131
Which two parameters in the TCP buffering settings can be controlled by a network engineer? (Choose two.)
A. buffering size
B. source IP range
C. destination IP range
D. memory size for buffering
Answer: AD
QUESTION 132
Users have reported that they are receiving a confusing error message related to SSL sessions when connecting from older browsers. How could the network engineer present this error to users in a customized format?
A. Enable the SSL v2 protocol.
B. Set a URL on the backup virtual server.
C. Add a redirect URL to the virtual server.
D. Configure SSL v2 Redirection for the virtual server.
Answer: D
QUESTION 133
A network engineer must determine which SSL protocols are enabled on a virtual server named SSL01. Which command could the engineer run to see this information?
A. Show ssl stats
B. Show server SSL01
C. Show vServer SSL01
D. Show ssl vServer SSL01
Answer: D
QUESTION 134
The security department just conducted a penetration test on the published virtual servers and all of the SSL virtual servers returned the result “Allowed changing to weak certificate standard” in the report. The reason for this result could be that the network engineer who configured the virtual servers forgot to ____. (Choose the correct option to complete the sentence.)
A. block TLSv1
B. apply the SSL policy
C. configure the HIGH Cipher group only
D. configure the DEFAULT Cipher group only
Answer: C
QUESTION 135
Which policy expression must an engineer use to enable compression for javascript files?
A. HTTP.RES.BODY(0).CONTAINS(“javascript”)
B. HTTP.REQ.BODY(0).CONTAINS(“javascript”)
C. HTTP.RES.HEADER(“Content-Type”).CONTAINS(“javascript”)
D. HTTP.REQ.HEADER(“Content-Type”).CONTAINS(“javascript”)
Answer: C
QUESTION 136
Which expression must an engineer use to prevent compression of Cascading Style Sheets?
A. HTTP.RES.BODY(0).CONTAINS(“text/css”)
B. HTTP.REQ.BODY(0).CONTAINS(“text/css”)
C. HTTP.RES.HEADER(“Content-Type”).CONTAINS(“text/css”)
D. HTTP.REQ.HEADER(“Content-Type”).CONTAINS(“text/css”)
Answer: C
QUESTION 137
The purpose of pre-fetch in integrated caching is to automatically ____. (Choose the correct option to complete the sentence.)
A. refresh a cached object before expiring
B. fetch objects from the forwarding cache before expiring
C. retrieve all objects on a published website after a policy is applied
D. retrieve an object in the expression from a website after a policy is applied
Answer: A
QUESTION 138
What is the purpose of the flash cache option in integrated caching?
A. To completely wipe a cache group when the targeted selector is hit in the cache
B. To use the flash memory for storage for a specific cache group to improve performance
C. To queue simultaneous requests of an object and answer all with the same response from the server
D. To answer the client request without checking if the object has expired, objects are checked periodically instead
Answer: C
QUESTION 139
Scenario:
A network engineer has created two selectors to use to populate a cache group in integrated caching. One selector, “Hit,” will determine what to add to the group. The other, “Inval”, will select what should be invalidated. Which command should the engineer run to create the cache group?
A. add cache contentgroup CacheGroup1 -hitParams Hit -invalParam Inval
B. add cache contentgroup CacheGroup1 -hitSelector Hit -invalSelector Inval
C. set cache contentgroup CacheGroup1 – hitParams Hit -invalParam Inval -type HTTP
D. set cache contentgroup CacheGroup1 -hitSelector Hit – invalSelector Inval -type HTTP
Answer: B
QUESTION 140
A network engineer is investigating a recent failure of NetScaler high availability and confirms that some recent changes were made to the configuration. What is a likely cause of the failure?
A. Load balancing virtual server marked DOWN.
B. SNIP has had management access removed.
C. RPC node password changed on an appliance.
D. The network command policy has been modified.
Answer: C
QUESTION 141
A network engineer has started at a new company and has been instructed to restrict access to an external facing VIP to selected third party clients, based on their source IP address range. What could the engineer do to accomplish this task?
A. Enable USNIP mode on the Netscaler.
B. Enable the host route option on the external VIP.
C. Create an Extended ACL based on the source IP address.
D. Create a SNIP address in the external VLAN limited to the source IP addresses.
Answer: C
QUESTION 142
Scenario:
An engineer has been asked to implement load balancing of an existing unsecured web application. The engineer needs to ensure that users will access the web application using HTTPS, but no changes can be made to the web servers hosting the web application. In order to fulfill the requirements, the engineer must create an ____ service group and add members with port ____; and bind the service group to an ____ virtual server. (Choose the correct set of options to complete the sentence.)
A. SSL; 443; SSL
B. HTTP; 80; SSL
C. SSL; 80; HTTP
D. HTTPS; 443; HTTP
Answer: B
QUESTION 143
A network engineer notes that a high availability pair (HA) is NOT synchronizing correctly and decides to open a ticket with Citrix Support. When opening the new ticket with Citrix Support, the engineer should run show ____ and ____. (Choose the correct set of options to complete the sentence.)
A. ha node; provide any public IP addresses listed
B. ha node; provide the hello and dead interval data
C. techsupport on the primary device; send the output to Citrix Support
D. techsupport on both the primary and secondary devices; send the output to Citrix support
Answer: D
QUESTION 144
A network engineer needs to upgrade both appliances of a High Availability (HA) pair. In which order should the network engineer upgrade the appliances?
A. Disable high availability and upgrade one node at a time.
B. Upgrade the primary node first without disabling high availability.
C. Upgrade the secondary node first without disabling high availability.
D. Perform the upgrade simultaneously without disabling high availability.
Answer: C
QUESTION 145
Scenario:
A network engineer is managing a NetScaler environment that has two NetScaler devices running as a high availability pair. The engineer must upgrade the current version from NetScaler 9 to NetScaler 10.5. Which action must the engineer take?
A. Upgrade the primary node and perform HA sync.
B. Upgrade the secondary node and then upgrade the primary node.
C. Upgrade the primary node and then upgrade the secondary node.
D. Break the high availability pair, upgrade each NetScaler device, and then reconfigure high availability.
Answer: B
QUESTION 146
An engineer has two NetScaler devices in two different datacenters and wants to create a high availability (HA) pair with the two devices, even though they are on two different subnets. How can the engineer configure the HA Pair between the two NetScaler devices?
A. Configure StaySecondary on the second datacenter appliance.
B. Ensure that INC mode is enabled during the creation of the HA Pair.
C. Enable the HAMonitors on all interfaces after the HA Pair has been created.
D. Change the NSIP of the second appliance to be on the same subnet as the first appliance.
Answer: B
QUESTION 147
When a network engineer logs onto a new NetScaler device in the London datacenter, data output indicates that the device is NOT configured for the local time. How can the network engineer synchronize the correct time with an NTP server in the local data center?
A. Configure the correct time from the GUI and restart.
B. Modify the ntp.conf and rc.netscaler files and restart.
C. Logon using the nsrecover/nsroot credentials and restart.
D. Configure the NetScaler as a secondary NTP server and restart.
Answer: B
QUESTION 148
Scenario:
The NetScaler has connections to a large number of VPNs. The network engineer wants to minimize the number of ARP requests. Which feature should the network engineer enable to minimize ARP requests?
A. TCP Buffering
B. Use Source IP
C. Edge Configuration
D. MAC based forwarding
Answer: D
QUESTION 149
A network engineer has configured two NetScaler MPX appliances as a high availability (HA) pair. What can the engineer configure to prevent failover if only a single interface fails?
A. FIS
B. PBR
C. SNMP
D. VMAC
Answer: A
QUESTION 150
Scenario:
A NetScaler appliance currently has a manually configured channel containing four interfaces; however, the engineer has been told that the NetScaler must now only use a single interface for this network. The engineer removes the channel and immediately notices a decrease in network performance. How could the engineer resolve this issue?
A. Reset the unused interfaces
B. Disable the unused interfaces
C. Enable flow control on all interfaces
D. Disable HA monitoring on the three interfaces that are no longer required
Answer: B
Now, try the PassLeader 1Y0-351 dumps for 100% passing your 1Y0-351 exam — https://www.passleader.com/1y0-351.html (293 Q&As VCE Dumps and PDF Dumps)
And, preview the PassLeader 1Y0-351 dumps online — https://drive.google.com/open?id=0B-ob6L_QjGLpNDR0TEdkaG9XWGc
Good Luck!