PassLeader just published the NEWEST Citrix 1Y0-351 exam dumps! You can get both 1Y0-351 VCE dumps and 1Y0-351 PDF dumps from PassLeader, both VCE and PDF dumps contain the NEWEST 1Y0-351 exam questions, which will ensure your 1Y0-351 exam 100% passing! Welcome to download the valid PassLeader 1Y0-351 dumps VCE and PDF from PassLeader — https://www.passleader.com/1y0-351.html (293 Q&As Dumps)
And, you can preview the PassLeader 1Y0-351 dumps online — https://drive.google.com/open?id=0B-ob6L_QjGLpNDR0TEdkaG9XWGc
QUESTION 76
A network engineer wants to configure a NetScaler for load balancing Voice over IP traffic (VoIP). Which hash method is the best fit for VoIP traffic?
A. Call ID
B. Source IP
C. Destination IP
D. Domain name
Answer: A
QUESTION 77
Scenario:
A company has three HTTP servers that are load balanced using NetScaler. When users connect to the HTTP application they often receive inconsistent data or are advised that they need to log on again. Which step should the engineer take to correct this?
A. Remove Down State Flush.
B. Change the idle timeout value for the service.
C. Configure persistence with appropriate timeouts.
D. Change the global TCP Client Idle Time-Out value.
Answer: C
QUESTION 78
Scenario:
An application that uses HTTP for connections and other protocols for different types of content has been deployed. Load balancing virtual servers have been created for each protocol and the engineer now needs to ensure that once a load balancing decision has occurred, further requests for different content are served from the same server. How could the engineer achieve this?
A. Create a persistency group.
B. Set the Spillover method to DYNAMICCONNECTION.
C. Add a new virtual server for each protocol that is not directly addressable.
D. Set each virtual server to use Source IP Hash as the load balancing method.
Answer: A
QUESTION 79
Scenario:
A NetScaler engineer configured a service and server for RADIUS authentication. To ensure that the RADIUS service is available and responding to authentication requests, the engineer has added the NetScaler built-in monitor to the service. On inspecting the RADIUS service the engineer notices it is marked as DOWN. What could be causing this issue?
A. The built-in monitor has been changed.
B. RADIUS accounting must be enabled under the server.
C. There is no built-in monitor available to monitor RADIUS.
D. The NetScaler-owned IP address has not been added to the RADIUS database.
Answer: D
QUESTION 80
Scenario:
When the NetScaler was set up, compression was enabled. The network engineer would like to disable compression ONLY for a particular virtual server. How could the engineer accomplish this?
A. Uncheck Compression in the system basic features.
B. Create a policy with a NOCOMPRESS action, bound to the global request point.
C. Disable compression on the services or service groups bound to the virtual server.
D. Create a policy with a NOCOMPRESS action, bound the virtual server Compression (request) point.
Answer: C
QUESTION 81
A company has a new CEO and wants to update their website with the new CEO’s name. What could the engineer do on the website while this modification is being made?
A. Insert the new name on the header requests using Rewrite policies.
B. Hide the current name on the header request using Rewrite policies.
C. Delete the current name on the body response using Rewrite policies.
D. Replace the current name on the body response using Rewrite policies.
Answer: D
QUESTION 82
A network engineer needs to prevent too many simultaneous HTTP requests that can cause a Denial Of Service (DDoS). What could the engineer enable to prevent too many simultaneous HTTP requests?
A. Rate Limiting
B. SureConnect
C. Priority Queuing
D. Authorization Policy
Answer: A
QUESTION 83
Scenario:
A network engineer would like to prevent blacklisted remote clients from accessing NetScaler hosted application services. An IP address blacklist database is maintained by an external company and available to query over the Internet. The engineer would like to reject any connections from IP addresses that are contained in the blacklist. What could the engineer configure to achieve this goal?
A. SSL offload
B. HTTP callout
C. URL transformation
D. SSL certification revocation list check
Answer: B
QUESTION 84
While performing some re-cabling, a NetScaler engineer noticed that a power supply unit failed on a NetScaler appliance. What should the engineer enable to receive notification of a future hardware failure?
A. SMTP
B. SNMP
C. Health monitoring
D. EdgeSight monitoring
Answer: B
QUESTION 85
A network engineer selected the option on a SSL certificate to provide notification upon expiration of the certificate; however when a certificate expires, NO notification is sent to the engineer. Which step could the engineer take to enable notification?
A. Configure SNMP.
B. Create a SSL policy.
C. Enable the SSL offload feature.
D. Ensure that the certificate is linked to a Root certificate.
Answer: A
QUESTION 86
A NetScaler implementation is experiencing intermittent network issues, specifically regarding traffic to a back-end service associated with IP address 10.10.1.86. Which command should a network engineer execute to generate diagnostic information to investigate this issue?
A. traceroute 10.10.1.86
B. show run | grep 10.10.1.86
C. nstcpdump.sh host 10.10.1.86
D. show service 10.10.1.86 -summary
Answer: C
Explanation:
In my lab, the command must be performed from the shell:
QUESTION 87
A network engineer needs to investigate why a few users have issues logging on to the NetScaler system. How can the engineer troubleshoot authentication issues on the NetScaler system?
A. Use ECV monitoring.
B. Run a violations report in Reporting.
C. Use the CAT aaad.debug command.
D. Check the system-authentication setting in the GUI.
Answer: C
Explanation:
Drop the the shell and the file is located at: /tmp/aaad.debug
QUESTION 88
A network engineer runs the following command:
nsconmsg -K /var/nslog/newnslog -s nsdebug_pe=1 -d oldconmsg
What is the engineer trying to check in the log?
A. Bandwidth information
B. Load-balancing information
C. Content-switching statistics
D. Memory utilization information
Answer: A
QUESTION 89
An engineer is checking that ports are configured correctly between the NetScaler system and a back-end web server. Which command should the engineer use to test that the web server is responding on port 80?
A. telnet webA.example.com 80
B. telnet webA.example.com:80
C. telnet webA.example.com port=80
D. telnet webA.example.com -port 80
Answer: A
QUESTION 90
Scenario:
The network engineer is setting up a new NetScaler using a direct connection. Three networks are connected to the NetScaler. After initial configuration and restart, the engineer would like to confirm the routing table entries. From which location and which command should the engineer run to display the routing table?
A. From the shell ‘netstat -r’
B. From the shell ‘route monitor’
C. From the command-line interface ‘show pbr’
D. From the command-line interface ‘show route’
Answer: D
QUESTION 91
A network engineer might choose to use SSL_Bridge instead of a SSL virtual server in order to ____. (Choose the correct option to complete the sentence.)
A. be able to decrypt the SSL traffic
B. enable use of OCSP for revoked certificates
C. pass user certificates to the back-end servers
D. enable SSL server certificates on the service group
Answer: C
QUESTION 92
Scenario:
A network engineer has bound four policies to an HTTP virtual server as follows:
PolicyA is bound with a priority of 10 and has the following expression: REQ.IP.SOURCEIP == 10.10.10.0
PolicyB is bound with a priority of 15 and has the following expression: REQ.IP.SOURCEIP != 10.10.11.0
PolicyC is bound with a priority of 20 and has the following expression: REQ.IP.SOURCEIP == 10.10.12.0
PolicyD is bound with a priority of 25 and has the following expression: REQ.IP.SOURCEIP != 10.10.13.0
When a connection is made from a PC with an IP address of 10.10.12.15, which policy will be applied?
A. PolicyA
B. PolicyB
C. PolicyC
D. PolicyD
Answer: B
Explanation:
Don’t be fooled by this as the first policy to match will be used, in this case 10.10.12.15 is not 10.10.11.0 hence it statisfies policyB.
QUESTION 93
Scenario:
A network engineer is going to roll out an upgrade from a 9.x version on a standalone NetScaler appliance using the command-line interface. Which two items does the engineer need to download before proceeding with the upgrade? (Choose two.)
A. SSL Certificates Files
B. NetScaler Firmware File
C. NetScaler Configuration File
D. NetScaler Documentation File
Answer: BD
QUESTION 94
Scenario:
A pair of NetScaler devices have recently been installed into the corporate DMZ. The Netscalers have been installed in two-arm mode, with two interfaces in a Internet- facing VLAN and two interfaces in the internal VLAN. A private management subnet also exists. The NetScaler engineer would like to secure and restrict communication between the management subnet and the SNIP address on that subnet. Which two actions could the engineer take to help with these goals? (Choose two.)
A. Apply an ACL on the specified SNIP.
B. Remove the ACL list to the internal VLAN.
C. Remove the NSIP address from the Netscaler.
D. Configure the SNIP with the -gui SECUREONLY option.
Answer: AD
QUESTION 95
Which two of the following settings could be configured using a TCP profile that is bound to a service? (Choose two.)
A. TCP buffer size
B. Window scaling
C. TCP Server time-out values
D. Source IP for specific subnet
E. Allowed bandwidth throughput
F. Number of max concurrent TCP connections
Answer: AB
QUESTION 96
When binding a certificate to a virtual server, which two certificate formats are supported by NetScaler? (Choose two.)
A. P7B
B. PFX
C. PEM
D. DER
Answer: CD
QUESTION 97
When configuring NetScaler authentication to access a web site, which two things should a network engineer verify in the environment? (Choose two.)
A. AAA is enabled.
B. One DNS server exists.
C. A Keytab file is available.
D. An authentication virtual server exists.
E. A traffic management virtual server exists.
Answer: AD
QUESTION 98
A NetScaler engineer generates a techsupport archive to be sent to Technical Support. Which three of the following pieces of information will be included in the archive file? (Choose three.)
A. Model Number
B. SSL Private Keys
C. Old Configuration Files
D. Hardware Boot sequence
E. Webpage Customizations
F. Certificate Revocation List
Answer: ACD
QUESTION 99
A network engineer needs to configure Citrix NetScaler to provide Access Gateway services to VLAN 2 using interface 1/1 only, while also using interface 1/2 to provide load balancing services to VLAN 3. How could this result be achieved?
A. Disable static route advertisement
B. Disable layer 2 mode
Create 2 untagged VLANs – VLAN 2 and VLAN 3
Bind VLAN 2 to Interface 1/1
Bind VLAN 3 to Interface 1/2
C. Enable Layer 3 mode
Create a Channel Interface using Interface 1/1 and 1/2 Create 2 VMACs
Bind a VMAC to interface 1/1 and 1/2
D. Configure policy-based routing using the Interface option as a filter
Answer: B
QUESTION 100
What should a network engineer do to prevent unauthorized users from using the root user account?
A. Reset the nsroot account.
B. Change the nsroot password.
C. Create an authorization policy.
D. Bind a policy to the root user account.
Answer: B
Explanation:
Changing the Password of the Default User Account
The default user account provides complete access to all features of the Citrix SDX appliance. Therefore, to preserve security, the nsroot account should be used only when necessary, and only individuals whose duties require full access should know the password for the nsroot account. Citrix recommends changing the nsroot password frequently. If you lose the password, you can reset the password to the default by reverting the appliance settings to factory defaults. You can change the password of the default user account in the Users pane. In the Users pane, you can view the following details:
– Name Lists — the user accounts configured on the SDX appliance.
– Permission Displays — the permission level assigned to the user account.
To change the password of the default user account On the Configuration tab, in the navigation pane, expand System, and then click Users. In the Users pane, click the default user account, and then click Modify. In the Modify System User dialog box, in Password and Confirm Password, enter the password of your choice. Click OK.
Now, try the PassLeader 1Y0-351 dumps for 100% passing your 1Y0-351 exam — https://www.passleader.com/1y0-351.html (293 Q&As VCE Dumps and PDF Dumps)
And, preview the PassLeader 1Y0-351 dumps online — https://drive.google.com/open?id=0B-ob6L_QjGLpNDR0TEdkaG9XWGc
Good Luck!